SSH hacked?

Steve Lamb grey at dmiyu.org
Sat Jan 17 01:51:49 UTC 2009


Knapp wrote:
> You can force users to have good passwords. They can even be tested with
> cracker programs after they give them and there are strength meters too.

    Or I can just close off the port and not worry about the strength of their
passwords.  I'm sorry but go read any decent document on hardening a system
and the first, the FIRST thing every one of them will tell you is to shut down
or otherwise block off any service you do not need.  It isn't "Hey, make sure
all your passwords are top notch first.  Afterwards you might want to think
about disabling or closing off services you don't need."

-- 
         Steve C. Lamb         | But who decides what they dream?
       PGP Key: 8B6E99C5       |   And dream I do...
-------------------------------+---------------------------------------------

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 260 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20090116/acc74e4d/attachment.pgp>


More information about the ubuntu-users mailing list