mhaney at ercbroadband.org
Wed Jan 14 21:42:36 UTC 2009
> Thats not entirely correct, on the couple of exposed ssh servers we have,
> we have never seen an attempt for root. They've thrown just about every
> other random and generated names at them, but never root, the scripties
> who write these things, in recent years are cluey enough to know people
> take measures. In fact of all my years, I'd have to go back to the early
> to mid 90's to recall the last attempts for a remote root login on ssh.
> Maybe its geographics, who knows...
I fail to see how that's incorrect, then? I occasionally see attempts
to break in with root, but not that often. That wasn't really my point.
The point is that not allowing ANY privileged account login access via
any method effectively makes breaking in with them impossible. This is
something we learned a LONG time ago. Blocking everything and opening
what you need is much easier than having it wide open and then trying to
close the barn door.
Frustra laborant quotquot se calculationibus fatigant pro inventione
Sr. Systems Administrator
Call (866) ERC-7110 for after hours support
More information about the ubuntu-users