On Tuesday 28 December 2004 23:56, Ben Rosenberg wrote:
On Tue, 28 Dec 2004 19:50:43 -0800, Susemail
wrote: Why should I be concerned about any of these?:
Found warnings: [19:33:46] WARNING, found: /etc/.java (directory)
Because it shouldn't be there and SUSE didn't ship anything that would put it there. So something else did.
removed.
[19:33:49] Warning: root login possible. Change for your safety the 'PermitRootLogin'
Letting root ssh into a system is inviting trouble if a problem is found with OpenSSH. It could leave you open to an attack that could wipe the system.
I used 'locate PermitRootLogin' and I checked the sysconfig directory to find PermitRootLogin. Where is it or even better, how should I have looked for it?
[19:33:49] Warning: SSH version 1 possible allowed!
Tons of exploits found for SSH1 and it should be disabled. SUSE doesn't enable this by default on install so something enabled SSH1 protocol. --
I can only see an enabled sshd in the Runlevel editor. Using locate I get: /usr/lib/nessus/plugins/ssh1_proto_enabled.nasl. How do I disable the SSH1 protocal
"There is no need to teach that stars can fall out of the sky and land on a flat Earth in order to defend religious faith."