SSH on by default? (Was: too many deamons by default - F7 test 2 live cd)
Arthur Pemberton
pemboa at gmail.com
Wed Mar 21 23:32:22 UTC 2007
On 3/21/07, Nicolas Mailhot <nicolas.mailhot at laposte.net> wrote:
> Le mercredi 21 mars 2007 à 17:45 -0500, Arthur Pemberton a écrit :
> > On 3/21/07, Nicolas Mailhot <nicolas.mailhot at laposte.net> wrote:
>
> > > attackers *do* brute-force usernames, probably because root is usually
> > > secured but you can hope hitting a user account with no password
> > >
> > > install pam_abl. It will profile the attacks for you (for exemple on my
> > > system root is the most attacked user but this is dwarfed by one-shot
> > > dictionary-user tries)
> >
> > Hence my point of havign root login off by default.
>
> Hence my point that most attack scripts don't even care about root
> anymore :) Any user account will do, and they use common username
> databases
>
Yes, but root always exists. The others are purely hit and miss
--
Fedora Core 6 and proud
More information about the fedora-devel-list
mailing list