[wplug] Any tips against this kind of ssh break-in?
Russ Schneider
russ at sugapablo.com
Fri Jul 15 16:07:23 EDT 2005
On Fri, 15 Jul 2005, Devin Lee Drew wrote:
> You use a good password for the system in question right?
> If so, none of this matters. These, as Bill Moran
> mentioned, are dumb scripts knocking on your door to see if
> you have dumb passwords.
I use good passwords for root and my regular user, but I have friends with
accounts on the box, and while I assume these friends know to use good
passwords (they're all techs themselves), I can't swear to it. (root
login is now disabled anyhow.)
One of their usernames is one that the would-be cracker guessed with his
script (it's a common name like "dave" or "rick"). I worry about these
because I've seen scripts people can use to get root access once their in
a system as a regular user.
As it stands now, root login is disabled. Checking my password files, no
common user has a password (like "nobody","ftp", etc.) and sshd_config
will not allow logins without passwords. No one has ever gotten into my
system (that I know), I just want to make sure it stays that way.
--
[ Russ Schneider (a.k.a. Sugapablo) ]
[ http://www.sugapablo.net <--personal | http://www.sugapablo.com <--music ]
[ http://www.2ra.org <--political | http://www.subuse.net <--discuss ]
More information about the wplug
mailing list