SSH on by default? (Was: too many daemons by default - F7 test 2 live cd)
Thomas M Steenholdt
tmus at tmus.dk
Thu Mar 22 14:51:28 UTC 2007
Arthur Pemberton wrote:
> On 3/21/07, Nicolas Mailhot <nicolas.mailhot at laposte.net> wrote:
>> On Wednesday 21 March 2007 at 17:45 -0500, Arthur Pemberton wrote:
>> > On 3/21/07, Nicolas Mailhot <nicolas.mailhot at laposte.net> wrote:
>>
>> > > attackers *do* brute-force usernames, probably because root is usually
>> > > secured but you can hope to hit a user account with no password
>> > >
>> > > install pam_abl. It will profile the attacks for you (for example on my
>> > > system root is the most attacked user but this is dwarfed by one-shot
>> > > dictionary-user tries)
>> >
>> > Hence my point of having root login off by default.
>>
>> Hence my point that most attack scripts don't even care about root
>> anymore :) Any user account will do, and they use common username
>> databases
>>
>
> Yes, but root always exists. The others are purely hit and miss
>
Exactly - root exists and the attackers know this. For other users, both
the usernames AND their passwords will have to be bruteforced...
/Thomas
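
The per-username profiling of failed logins that this thread argues about, as an added example (not part of the original messages and not pam_abl's own code): it tallies failed SSH password attempts by username from sshd syslog lines, separating root from one-shot tries against names that do not exist. The log lines, addresses and the `profile` function are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample in the OpenSSH "Failed password" syslog format
# (documentation-range addresses, made-up PIDs and ports).
SAMPLE_LOG = """\
Mar 22 14:01:02 host sshd[2101]: Failed password for root from 203.0.113.5 port 40122 ssh2
Mar 22 14:01:05 host sshd[2103]: Failed password for invalid user admin from 203.0.113.5 port 40130 ssh2
Mar 22 14:01:09 host sshd[2105]: Failed password for invalid user test from 203.0.113.5 port 40141 ssh2
Mar 22 14:01:12 host sshd[2107]: Failed password for root from 198.51.100.9 port 51200 ssh2
Mar 22 14:01:15 host sshd[2109]: Failed password for invalid user guest from 203.0.113.5 port 40150 ssh2
Mar 22 14:01:19 host sshd[2111]: Failed password for invalid user oracle from 203.0.113.5 port 40158 ssh2
Mar 22 14:01:23 host sshd[2113]: Failed password for invalid user mysql from 198.51.100.9 port 51211 ssh2
Mar 22 14:01:27 host sshd[2115]: Failed password for root from 203.0.113.5 port 40166 ssh2
Mar 22 14:01:30 host sshd[2117]: Failed password for invalid user ftp from 203.0.113.5 port 40171 ssh2
Mar 22 14:01:34 host sshd[2119]: Failed password for invalid user www from 198.51.100.9 port 51220 ssh2
Mar 22 14:02:00 host sshd[2121]: Accepted password for thomas from 192.0.2.10 port 50022 ssh2
"""

FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?P<invalid>invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)

def profile(log_text):
    """Summarise failed password attempts per username."""
    per_user = Counter()
    invalid_users = set()          # names sshd reported as non-existent
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if not m:
            continue               # successful logins and other lines are ignored
        per_user[m["user"]] += 1
        if m["invalid"]:
            invalid_users.add(m["user"])
    total = sum(per_user.values())
    guessed = sum(per_user[u] for u in invalid_users)
    return {
        "total": total,
        "root": per_user["root"],
        "top_user": per_user.most_common(1)[0] if per_user else None,
        "one_shot_users": sorted(u for u, n in per_user.items() if n == 1),
        "nonexistent_share": guessed / total if total else 0.0,
    }

if __name__ == "__main__":
    for key, value in profile(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

On this constructed sample root is the single most-tried account, while most attempts overall are single guesses at names that do not exist, which is the pattern both sides of the thread describe.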