Mailinglist Archive: opensuse (2876 mails)
| < Previous | Next > |
Re: [opensuse] RKHunter reports possible infection
- From: Petr Klíma <tosuja@xxxxxxxxxxx>
- Date: Mon, 28 May 2007 11:02:02 +0200
- Message-id: <465A9A8A.6090904@xxxxxxxxxxx>
John Andersen wrote:
> I don't think that is a universally accepted setup. The only risk to
> root ssh logins is based on ancient flaws and timing attacks in
> long obsolete versions of ssh.
It has other reason - noone can do successfull dictionary attack on root
account when it's not allowed to login as root. You can try to rule out
this possibility by using strong password, but it might be wiser to
restrict root login from trusted IPs or deny it completely (while using
strong root password of course).
Tosuja
--
Petr "Tosuja" Klíma
Mail: tosuja@xxxxxxxxxxx
Web: www.tosuja.info
ICQ: 52057532
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
> I don't think that is a universally accepted setup. The only risk to
> root ssh logins is based on ancient flaws and timing attacks in
> long obsolete versions of ssh.
It has other reason - noone can do successfull dictionary attack on root
account when it's not allowed to login as root. You can try to rule out
this possibility by using strong password, but it might be wiser to
restrict root login from trusted IPs or deny it completely (while using
strong root password of course).
Tosuja
--
Petr "Tosuja" Klíma
Mail: tosuja@xxxxxxxxxxx
Web: www.tosuja.info
ICQ: 52057532
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
| < Previous | Next > |