Re: [Full-Disclosure] Re: Any update on SSH brute force attempts?

From: Barrie Dempster (barrie_at_reboot-robot.net)
Date: 10/18/04

  • Next message: Clairmont, Jan M: "[Full-Disclosure] RE: [Full-Disclosure]Open the doors to hell hire a hicker Full-Disclosure Posts"
    To: full-disclosure@lists.netsys.com
    Date: Mon, 18 Oct 2004 14:24:25 +0100
    
    
    

    On Mon, 2004-10-18 at 06:41 -0500, Ron DuFresne wrote:
    > Why not just disallow root logins directly, and force someone with a valid
    > user account to su after getting a shell? It was my impression that was
    > more standard, and if one has to allow remote root directly, at least
    > restrict it to specific systems and users. All the places I have worked
    > for forced the su after shell to root..

    I'm in agreement with this, as well as combining this with use of sudo
    for common functions requiring root privs (such as using tools requiring
    raw socks support for instance) meaning you rarely have to become root
    and the root account becomes slightly more difficult to compromise.

    -- 
    Barrie Dempster (zeedo) - Fortiter et Strenue
      http://www.bsrf.org.uk
    [ gpg --recv-keys --keyserver www.keyserver.net 0x96025FD0 ]
    
    

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html



  • Next message: Clairmont, Jan M: "[Full-Disclosure] RE: [Full-Disclosure]Open the doors to hell hire a hicker Full-Disclosure Posts"