Full Disclosure mailing list archives
Re: Re: Re: Any update on SSH brute force attempts?
From: Ronny Adsetts <ronny.adsetts () amazinginternet com>
Date: Tue, 19 Oct 2004 11:00:22 +0100
Barrie Dempster said at 18/10/2004 15:39:
On Mon, 2004-10-18 at 14:01 +0100, Dave Ewart wrote:Well yes, that's fair enough - however, allowing direct root access does make certain things more straightforward, automated use of 'scp' etc.Yeh, but theres only a select few people crazy enough to scp files into places that require root access. People that fall into the more sane side of security use less error prone methods of updating configurations (which is what I'm guessing your using scp here for). There are very few valid reasons to have direct remote root access (so few I can't currently think of a one) remote admin tasks can be carried out by means other than login in directly as root.
How about where you have no local users except root - all other users are via LDAP or similar - and some catastrophe takes out your user DB? Allowing root ssh login will at least get you access to the box.
Allowing root ssh access but setting policy on its use seems a better option to me. And running jack the ripper on your password hashes of course.
Ronny -- Technical Director Amazing Internet Ltd, London t: +44 20 8607 9535 f: +44 20 8607 9536 w: www.amazinginternet.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Re: Any update on SSH brute force attempts?, (continued)
- Re: Re: Any update on SSH brute force attempts? Tim (Oct 16)
- RE: Re: Any update on SSH brute force attempts? Sean Crawford (Oct 16)
- Re: Any update on SSH brute force attempts? Dave Ewart (Oct 18)
- Re: Re: Any update on SSH brute force attempts? Ron DuFresne (Oct 18)
- Re: Re: Any update on SSH brute force attempts? Barrie Dempster (Oct 18)
- Re: Re: Any update on SSH brute force attempts? Raj Mathur (Oct 18)
- Re: Re: Any update on SSH brute force attempts? Barrie Dempster (Oct 18)
- Re: Re: Any update on SSH brute force attempts? Ron DuFresne (Oct 18)
- Re: Re: Any update on SSH brute force attempts? Ron DuFresne (Oct 18)
- Re: Re: Any update on SSH brute force attempts? Dave Ewart (Oct 18)
- Re: Re: Re: Any update on SSH brute force attempts? Barrie Dempster (Oct 18)
- Re: Re: Re: Any update on SSH brute force attempts? Ronny Adsetts (Oct 19)
- Re: Re: Re: Any update on SSH brute force attempts? Barrie Dempster (Oct 19)
- Re: Re: Re: Any update on SSH brute force attempts? Ronny Adsetts (Oct 20)