[ubuntu-uk] Preventing a hack attempt

Sean Miller sean at seanmiller.net
Sat Aug 28 06:27:15 BST 2010

On 28 August 2010 01:22, Daniel Case <danielcase10 at googlemail.com> wrote:
> I need to know mainly how to stop the SSH user running su in the first place
> and how to stop the user seeing files like /etc/passwd

You could always rename su to something else, I suppose... I renamed
"wget" to "webget" on one server because scripts were using it to
download files to the server with malicious intent... you could also
change the port that ssh runs on, which I have done as well, which
tends to make it a bit harder (I use port 23432 - easy to remember,
but not 22)....

Not sure about hiding /etc/passwd... there is probably a reason why it
needs to be accessible to all users...


More information about the ubuntu-uk mailing list