On Mon, May 15, 2000 at 04:45:38PM +0530, Robin Chatterjee typed:
> though if you are using telnet theres no reason why someone can't telnet to
> the box and use su to become root. hence securetty is pretty useless. use
> ssh if you need security. get rid of securetty otherwise :)
>
Flawed logic.
To get root access on your box if you have disabled telnet as root
(the default setup), a cracker would have to :
1) Figure out a valid username
2) Crack that user's password
3) Then crack the root password
With root telnet enabled you've lost the protection of the first 2
steps.
Now, does securetty appear *that* useless ?
Kala
-----------------------------------------------------------------------
LIH is all for free speech. But it was created for a purpose - to help
people discuss issues about installing and running Linux. If your
messages are counterproductive to this purpose, your privileges to
submit messages can and will be revoked.
