[wplug] Any tips against this kind of ssh break-in?
Russ Schneider
russ at sugapablo.com
Fri Jul 15 16:09:58 EDT 2005
On Fri, 15 Jul 2005, Brian A. Seklecki wrote:
> GOOD GOD!! What distro* still ships with PermitRootLogin set to "yes" by
> default ?! Are you sure that's the case, or perhaps it was commented in
> the sshd_config (prefixed with "#"), but the comment in the config
> doesn't reflect the default source code setting (servconf.h)?
Well it was commented out as "yes". Eitehr way, I uncommented it and set
it to "no" to be safe.
> Also, as everyone else is saying, regardless of your IP networking
> environment, you should have some sort of host-based firewall only
> allowing SSH from trusted hosts.
I hardly know where I'll be when I want to login to the box. Sometimes
I'm at a client's site and I need to login, so a trusted hosts list
doesn't really help me much.
--
[ Russ Schneider (a.k.a. Sugapablo) ]
[ http://www.sugapablo.net <--personal | http://www.sugapablo.com <--music ]
[ http://www.2ra.org <--political | http://www.subuse.net <--discuss ]
More information about the wplug
mailing list