On Fri, 04 Feb 2005 00:05:34 +0000, Chris Hodgins <[EMAIL PROTECTED]> wrote:
Gert Cuykens wrote:
On Thu, 03 Feb 2005 23:34:42 +0000, Chris Hodgins <[EMAIL PROTECTED]> wrote:
Gert Cuykens wrote:
By default the root ssh is disabled. If a dedicated server x somewhere far far away doesn't have root ssh enabled the admin is pretty much screwed if they hack his user account and change the user password right ?
So is it not better to enable it by default ? _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Every unix box has a root account. Not every unix box has a jblogs account. Lets take the example of a brute-force attempt. The first thing I would do would be to attack roots password. I know the account exists. Might as well go for the big prize first.
So having a root account enabled is definetly a bad thing.
Chris
Do you agree a user acount is most of the time more vonerable then the root account ?
Assuming you know the username then maybe. It depends on the strength of the users password. If they are only using private keys with passphrases then you probably won't be getting access that way with any account.
If they can hack the root they can defenatly hack a user account too. So i dont see any meaning of disabeling it.
If they can hack root they own the system and can do what they like. By disabling root you remove the option of this happening. Instead they have to try and compromise a user account. Once they compromise the user account, they then have to gain root access (assuming that is their goal). Why bother with the hassle. There are plenty of machines out there already with weak root passwords. If a hacker really wants into your system he will find a way.
Chris
True but the point is without the ssh root enabled there is nothing you can do about it to stop them if they change your user password
This is just a silly observation. If a hacker compromises your system, then generally it is time for a full re-install of the OS (unless of course you can prove they never gained root access or can track what they did as root - not easy).
If you have an account you use for su'ing to root then you make sure it is locked down. Private key + strong passphrase. A hacker is really not going to succeed if you do this. My firewall also only allows ssh connections from trusted sources.
If you REALLY want to continue this discussion, then take it off-line as we are generating a lot of non-informative noise now.
Chris _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
