attack 2

David Cary Hart Fedora at TQMcube.com
Thu May 12 17:05:24 UTC 2005


On Thu, 2005-05-12 at 17:59 +0100, James Wilkinson wrote:
> grim wrote:
> > if the passwords are as weak as roland's seems to be the 
> > 'PermitRootLogin no'-option is only a little barrier. instead of one pw 
> > the attacker has to get two passwords.
> 
> And a username. Depending on the attacker and the site, that may or may
> not be trivial.
> 
> At least some of the boxes I look after with SSH running have usernames
> that don't appear in dictionaries or Google, and aren't widely known
> outside the company. It means that an attacker has to get to know one of
> the users.
> 
> They're not really "another password", but they're another hoop for
> people to jump through.
> 
I would suggest specific SSH user names; users that won't be found in
email plus, of course, strong passwords. These, then, are the only users
in "AllowUsers" augmented with "known hosts."


-- 
Multi-RBL Check:         http://www.TQMcube.com/rblcheck.htm
Kill Spam at the Source: http://www.TQMcube.com/spam_trap.htm
Today's Spam Trap Adds:  http://www.TQMcube.com/BlockedToday
RBLDNSD HowTo:           http://www.TQMcube.com/rbldnsd.htm
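
The settings discussed in this thread (PermitRootLogin no, an AllowUsers list of names that do not double as e-mail names) can be checked mechanically. The following is an added example, not part of the original post: the function names, the sample config and the sample e-mail names are constructed for illustration, and Match blocks are ignored as a simplification.

```python
import re

# Constructed sample input, not taken from the thread.
SAMPLE_CONFIG = """\
# constructed sshd_config sample
PermitRootLogin no
AllowUsers kx7-admin jsmith@192.0.2.*
allowusers backup9q
Match Address 192.0.2.0/24
    PermitRootLogin yes
"""
SAMPLE_MAIL_NAMES = {"jsmith", "info", "webmaster"}

def parse_global(text):
    """Return (first-value-wins settings, accumulated AllowUsers) for the global section."""
    settings, allow = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)   # "Key value" or "Key=value"
        key = parts[0].lower()                          # keywords are case-insensitive
        value = parts[1].strip() if len(parts) > 1 else ""
        if key == "match":          # simplification: stop at the first Match block
            break
        if key == "allowusers":     # repeated AllowUsers lines accumulate
            allow.extend(value.split())
        else:
            settings.setdefault(key, value)   # sshd keeps the first value it sees
    return settings, allow

def audit(text, mail_names):
    """List deviations from the thread's advice found in the global section."""
    settings, allow = parse_global(text)
    mail = {n.lower() for n in mail_names}
    findings = []
    if settings.get("permitrootlogin", "").lower() != "no":
        findings.append("PermitRootLogin is not explicitly 'no'")
    if not allow:
        findings.append("no AllowUsers list in the global section")
    for pattern in allow:
        user = pattern.split("@", 1)[0].lower()   # USER@HOST form: keep the user part
        if user == "root":
            findings.append("root is listed in AllowUsers")
        elif user in mail:
            findings.append(f"AllowUsers name '{user}' is also an e-mail name")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG, SAMPLE_MAIL_NAMES):
        print("FINDING:", finding)
```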



