Security....
Leonard Isham
leonard.isham at gmail.com
Wed Oct 27 11:27:57 UTC 2004
On Wed, 27 Oct 2004 11:54:08 +0100, Jim Higson <jh at 333.org> wrote:
> > Good points James...you missed one though... port 22. I see more attempts
> > on SSH than any other port....stupid and LAME attempts but more on this
> > than any other...
>
> Out of curiosity, how much does it really matter so long as you have strong
> passwords?
>
> If security holes are discovered in ssh, then sure, someone who knows what
> they're doing might be able to gain access. But then someone qualified enough
> to find new holes in ssh won't be targeting my desktop box, or the http
> server for a small buisines.
>
> In general isn't ssh pretty secure, and aren't security fixes normally issued
> before the script kiddies get hold of an exploit?
>
> --
> Jim
You never know when someone will feel slighted and make any business a
target "to show them."
It's best to not let root login directly and limit who can ssh in.
The old security joke:
Two men on the Serengeti Plans when they notice a lion stalking them.
The first stops to put on his running shoes.
The second states that you can't out run a lion even with running shoes.
The first calmly states I don't have to out run the lion I have to out run you.
The moral is that you don't have to have perfect security, but you
better not be the easiest target either.
More information about the fedora-list
mailing list