Cracked
Michel Klijmij
michel+spam at klijmij.net
Mon Oct 18 10:36:18 UTC 2004
On Mon, 18 Oct 2004 15:20:12 +0800, John <dingo at coco2.arach.net.au> wrote
in <41736EAC.5050603 at coco2.arach.net.au>:
> I allow logins via ssh (I need access to do remote maintenance).

Do you permit root logins? Do you restrict access to a limited number of
IP addresses? Have you considered public key authentication? Do the users
have good passwords?

> One person, possibly as many as three, gained root access to the box
> with the ever-reliable dictionary attack.

That proves that you (generic, in fact, everyone) need strong passwords,
or not permit passwords for SSH at all. I think Ubuntu is a bit more safe
because root is disabled and only one user has sudo rights. Furthermore, I
do not permit root login via ssh and have used /etc/hosts.allow and .deny
to restrict access to the networks from where I log in, after I started
noticing an increase in login attempts from unknown machines. And my
passwords are safe, of course. That combined makes it a bit more difficult
to gain root access.

--
Kind regards,
Michel Klijmij
ICQ/MSN in headers http://michel.klijmij.net/
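
Added example, not part of the original post: a small log check for the "increase in login attempts from unknown machines" mentioned above, which also flags a password login that succeeds after repeated failures from the same source. The trusted network, the threshold, the function names and the sample log lines are assumptions constructed for illustration; the message wording is the usual OpenSSH syslog format.

```python
import ipaddress
import re
from collections import defaultdict

# Assumption: the networks you normally log in from (what /etc/hosts.allow would list).
TRUSTED_NETS = [ipaddress.ip_network("192.0.2.0/24")]
# Assumption: OpenSSH syslog wording ("illegal user" on old releases, "invalid user" now).
LINE_RE = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) (?P<method>\S+) for "
    r"(?:(?:invalid|illegal) user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)
# Constructed sample lines using documentation address ranges; not real log data.
SAMPLE_LOG = """\
Oct 18 03:10:01 box sshd[2101]: Failed password for root from 203.0.113.7 port 40001 ssh2
Oct 18 03:10:03 box sshd[2103]: Failed password for illegal user admin from 203.0.113.7 port 40002 ssh2
Oct 18 03:10:05 box sshd[2105]: Failed password for invalid user test from 203.0.113.7 port 40003 ssh2
Oct 18 03:10:07 box sshd[2107]: Failed password for alice from 203.0.113.7 port 40004 ssh2
Oct 18 03:10:09 box sshd[2109]: Accepted password for alice from 203.0.113.7 port 40005 ssh2
Oct 18 08:00:00 box sshd[2200]: Failed password for bob from 192.0.2.10 port 50001 ssh2
Oct 18 08:00:05 box sshd[2201]: Accepted publickey for bob from 192.0.2.10 port 50002 ssh2
Oct 18 09:00:00 box sshd[2300]: Failed password for root from 198.51.100.4 port 60001 ssh2
"""

def is_trusted(addr):
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:  # sshd logged a hostname; treat it as untrusted
        return False
    return any(ip in net for net in TRUSTED_NETS)

def suspicious_sources(log_text, threshold=3):
    """Untrusted sources with >= threshold failures, plus password logins accepted afterwards."""
    stats = defaultdict(lambda: {"failed": 0, "users": set(), "accepted": []})
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m or is_trusted(m["ip"]):
            continue
        s = stats[m["ip"]]
        if m["result"] == "Failed":
            s["failed"] += 1
            s["users"].add(m["user"])
        elif m["method"] == "password" and s["failed"] >= threshold:
            s["accepted"].append(m["user"])  # likely a guessed password
    return {ip: s for ip, s in stats.items() if s["failed"] >= threshold}

if __name__ == "__main__":
    for ip, s in suspicious_sources(SAMPLE_LOG).items():
        print(ip, s["failed"], sorted(s["users"]), s["accepted"])
```

A non-empty "accepted" list for a source is the case worth investigating first: a password was accepted from a machine that had just been guessing.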