Root account
Rashkae
ubuntu at tigershaunt.com
Thu Apr 19 02:31:29 UTC 2007
John L Fjellstad wrote:
> Brian Fahrlander <brian at fahrlander.net> writes:
>
>> It's the one account the bulk-attack people can guess and try
>> millions of times until they get in.
>
> It's also the one account that probably is ssh login disabled.
>
If you have an internet facing SSH, it's a really good idea to disable
password logins (use Keys only) and or listen on a non-default port...
Sure secure passwords *should* protect you from these annoying brute
force attacks, but they are just waiting for you to screw up one day..
(Pity the poor admin who creates a Test user with a weak password)
More information about the ubuntu-users
mailing list