BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

possible hacking?

Subject: possible hacking?
From: me at mattgillen.net (Matthew Gillen)
Date: Wed, 25 Jan 2006 11:06:20 -0500
In-reply-to: <20060125155819.GA4772@io.pong.be>
References: <20060125131145.44A971838E0@olduvai.blu.org> <1892.192.168.2.251.1138196167.squirrel@envoy.ci.net> <20060125134940.GA3301@io.pong.be> <20060125100211.B29549@redline.comcast.net> <20060125105529.Q17353@borg.org> <20060125155819.GA4772@io.pong.be>

Ward Vandewege wrote:
> Better yet; disallow direct (root) logins with passwords. Only allow them with
> keys.

This is excellent advice.  In fact, if this this is a home system,
you're probably better off to set the defaults such that no one can log
in via sshd, then specifically allow certain (real) users.  You should
*never* need root to log in directly.  This forces them to guess *both*
a username and a password, and with no indication as to whether a
username is valid or not, it becomes *very* difficult to brute force.

Note that the script kiddies will try not only the username 'root', but
also 'apache', 'httpd', 'ftp', etc.

--Matt

Follow-Ups:
- possible hacking?
  - From: kentborg at borg.org (Kent Borg)

References:
- possible hacking?
  - From: richb at pioneer.ci.net (Rich Braun)
- possible hacking?
  - From: ward at pong.be (Ward Vandewege)
- possible hacking?
  - From: jkinz at kinz.org (Jeff Kinz)
- possible hacking?
  - From: kentborg at borg.org (Kent Borg)
- possible hacking?
  - From: ward at pong.be (Ward Vandewege)

Prev by Date: possible hacking?
Next by Date: possible hacking?
Previous by thread: possible hacking?
Next by thread: possible hacking?
Index(es):
- Date
- Thread


BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Boston Linux & Unix / webmaster@blu.org