On Sat 29 Mar 2008 06:10:43 NZDT +1300, Per Jessen wrote:
Erm, the same thing that is better not having any remote service opened by default? The fact that it could have a vulnerability that could lead to a successful attack?
Doesn't seem to have been much of a problem in the last few years, has it? Also, ssh only becomes vulnerable to an attack when you open the port in the firewall.
This is the case Markus wants to protect against. People turn off the firewall for their desktops because it blocks too much LAN functionality by default (mostly broadcasts about available services, at a guess). With the default setting of password-login and the weak passwords on desktops sshd becomes a BIG HOLE(TM) very quickly, and nothing to do with coding errors.
Even then there is probably still a rate-check to stop brute force attacks.
Not by default (though there should be), you'll have to go out of your way to configure that. Someone who doesn't use sshd won't be doing that. Volker -- Volker Kuhlmann is list0570 with the domain in header http://volker.dnsalias.net/ Please do not CC list postings to me. --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org