Re: [Full-Disclosure] Re: Any update on SSH brute force attempts?

From: Barrie Dempster (barrie_at_reboot-robot.net)
Date: 10/18/04

Next message: Clairmont, Jan M: "[Full-Disclosure] RE: [Full-Disclosure]Open the doors to hell hire a hicker Full-Disclosure Posts"

Previous message: KF_lists: "Re: [Full-Disclosure] why o why did NASA do this."
In reply to: Ron DuFresne: "Re: [Full-Disclosure] Re: Any update on SSH brute force attempts?"
Next in thread: Raj Mathur: "Re: [Full-Disclosure] Re: Any update on SSH brute force attempts?"
Reply: Raj Mathur: "Re: [Full-Disclosure] Re: Any update on SSH brute force attempts?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: full-disclosure@lists.netsys.com
Date: Mon, 18 Oct 2004 14:24:25 +0100

On Mon, 2004-10-18 at 06:41 -0500, Ron DuFresne wrote:
> Why not just disallow root logins directly, and force someone with a valid
> user account to su after getting a shell? It was my impression that was
> more standard, and if one has to allow remote root directly, at least
> restrict it to specific systems and users. All the places I have worked
> for forced the su after shell to root..

I'm in agreement with this, as well as combining this with use of sudo
for common functions requiring root privs (such as using tools requiring
raw socks support for instance) meaning you rarely have to become root
and the root account becomes slightly more difficult to compromise.

-- 
Barrie Dempster (zeedo) - Fortiter et Strenue
  http://www.bsrf.org.uk
[ gpg --recv-keys --keyserver www.keyserver.net 0x96025FD0 ]

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

application/pgp-signature attachment: This is a digitally signed message part

Next message: Clairmont, Jan M: "[Full-Disclosure] RE: [Full-Disclosure]Open the doors to hell hire a hicker Full-Disclosure Posts"

Previous message: KF_lists: "Re: [Full-Disclosure] why o why did NASA do this."
In reply to: Ron DuFresne: "Re: [Full-Disclosure] Re: Any update on SSH brute force attempts?"
Next in thread: Raj Mathur: "Re: [Full-Disclosure] Re: Any update on SSH brute force attempts?"
Reply: Raj Mathur: "Re: [Full-Disclosure] Re: Any update on SSH brute force attempts?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

running programs from user acctount as root
... I have recently upgraded from FC6 to Fedora ... So then after several package updates & the total struggle of getting DVD, ... that require root access from my user account. ...
(Fedora)
RE: unable to login as user
... unable to login as user ... Log in as root and look closely at the user account. ... the system just seems to hang and then go back to the username ...
(RedHat)
Re: unautherized access to unix systems?
... > programs, which are not visible from outside, can often have holes. ... > root runs ls and happens to have. ... It does not matter how good a cracker with a user account is it all depends ...
(comp.security.unix)
Re: which PC
... And this is a compliment aimed at Randall, ... us all exactly how an "Average User" in OS X who needs system Root ... User account was created in the standard fashion (eg, ... (eg, System Preferences) ...
(rec.photo.digital)
Re: [SLE] changing the roots shell
... > primarily in a user account - much safer. ... I change to root only as need to issue ... administrative commands. ... shell is mandatory. ...
(SuSE)