Root account
Brian Fahrlander
brian at fahrlander.net
Thu Apr 19 00:27:57 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Pete Holsberg wrote:
> Why is it not advisable to activate the root account??
It's the one account the bulk-attack people can guess and try
millions of times until they get in.
When you get ssh set up on a Linux box, and you have logwatch
running, you'll see just how bad it is. It's also a good reason to use
usernames with parts of the first AND last names, not just "george" and
a password of "password". They try them by the millions per day,
literally.
When they find one they can get into, the IP address goes into a
database for the real hackers to come mess with...and you find yourself
sending spam for the bot-herders.
I've used Unix since 1989; trust me- great idea to keep it the
default way.
- --
------------------------------------------------------------------------
Brian Fahrländer Christian, Conservative, and Technomad
Evansville, IN http://Fahrlander.net/brian
ICQ: 5119262 AOL/Yahoo/GoogleTalk: WheelDweller
------------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGJreN6PLtRzZbdhYRApsYAJ4uccKpx2fUxWF/pc5P9qS1kvwv5gCfSvUl
PIxAnsX1BIJ4VmwkIAJwxO8=
=OhEq
-----END PGP SIGNATURE-----
More information about the ubuntu-users
mailing list