> -----Original Message-----
> From: Alan McKinnon [mailto:[EMAIL PROTECTED]
> Sent: 22 February 2007 17:33
> To: [email protected]
> Subject: Re: [gentoo-user] OT - Some miscellanous questions about hack
> attacks and dealing with them
>
> By far the most common attack vector is weak user names and passwords
> accessed via ssh. Solution is a sensible password policy, or allow ssh
> access only via keys.
>
I agree. Until I have the time and effort to set up key-based authentication, I have disabled root logon via SSH and set all users' passwords to 10 to 15 random character passwords.

Check /var/log/secure.log on any webserver. On both of mine I see lots (and I mean thousands) of attacks where people try common user names and weak passwords (apache, awstats, mysql, admin, etc. and common forenames...).

Running SSH on a port other than 22 is possible and potentially more secure.

--
djn

I do not represent anyone else in emails I send to this list.
--
[email protected] mailing list
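Added example, not part of the original email: a small Python summary of the failed SSH password logins that the message says fill the secure log, counted per source address and per user name. The sample log lines are constructed (documentation IP ranges, hypothetical host `web1`), and the `summarize` helper and its threshold are assumptions of this example.

```python
import re
from collections import Counter

# OpenSSH "Failed password" message. The user name is attacker-controlled,
# so match it greedily and anchor on the end of the line: the address sshd
# itself wrote is always the last " from <ip> port <n> ssh2".
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?P<invalid>invalid user )?"
    r"(?P<user>.*) from (?P<ip>\S+) port \d+ ssh2\s*$"
)

# Constructed sample lines, not real log data.
SAMPLE_LOG = """\
Feb 22 17:01:02 web1 sshd[2101]: Failed password for invalid user apache from 203.0.113.7 port 40112 ssh2
Feb 22 17:01:04 web1 sshd[2103]: Failed password for invalid user awstats from 203.0.113.7 port 40120 ssh2
Feb 22 17:01:07 web1 sshd[2105]: Failed password for invalid user mysql from 203.0.113.7 port 40133 ssh2
Feb 22 17:01:09 web1 sshd[2107]: Failed password for root from 203.0.113.7 port 40140 ssh2
Feb 22 17:03:15 web1 sshd[2110]: Accepted password for djn from 198.51.100.20 port 51515 ssh2
Feb 22 17:05:41 web1 sshd[2114]: Failed password for djn from 198.51.100.20 port 51600 ssh2
Feb 22 17:06:00 web1 sshd[2120]: Failed password for invalid user admin from 192.0.2.44 port 33001 ssh2
"""

def summarize(lines, threshold=3):
    """Return (noisy_sources, by_user, unknown_users) for failed logins.

    noisy_sources maps each source IP with >= threshold failures to its
    count; unknown_users holds names that do not exist on the host.
    """
    by_ip, by_user, unknown = Counter(), Counter(), set()
    for line in lines:
        m = FAILED.search(line)
        if not m:
            continue  # accepted logins and unrelated messages are skipped
        by_ip[m["ip"]] += 1
        by_user[m["user"]] += 1
        if m["invalid"]:
            unknown.add(m["user"])
    noisy = {ip: n for ip, n in by_ip.items() if n >= threshold}
    return noisy, by_user, unknown

if __name__ == "__main__":
    noisy, by_user, unknown = summarize(SAMPLE_LOG.splitlines())
    print("sources over threshold:", noisy)
    print("most targeted names:", by_user.most_common(5))
    print("names that do not exist here:", sorted(unknown))
```

A single typo by a real user (the `djn` line) stays under the threshold, while the source cycling through service account names is reported.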

