On Thu, 3 Feb 2005 22:54:14 -0800,
Ted Mittelstaedt [EMAIL PROTECTED] said:
restrictions somehow doesen't exist. Not to mention that even without a
static IP assigned
to your home or other locations that you normally ssh in from, it's
pretty
simple to block off huge chunks of the
-Original Message-
From: Sandy Rutherford [mailto:[EMAIL PROTECTED]
Sent: Saturday, February 05, 2005 12:48 AM
To: Ted Mittelstaedt
Cc: Giorgos Keramidas; Gert Cuykens; freebsd-questions@freebsd.org;
Chris Hodgins
Subject: RE: ssh default security risc
On Thu, 3 Feb 2005 22:54
On 2005-02-03 22:54, Ted Mittelstaedt [EMAIL PROTECTED] wrote:
Giorgos Keramidas wrote:
On 2005-02-04 01:04, Gert Cuykens [EMAIL PROTECTED] wrote:
On Fri, 04 Feb 2005 00:05:34 +, Chris Hodgins
[EMAIL PROTECTED] wrote:
True but the point is without the ssh root enabled there is
nothing you
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Giorgos
Keramidas
Sent: Friday, February 04, 2005 12:09 AM
To: Ted Mittelstaedt
Cc: freebsd-questions@freebsd.org
Subject: Re: ssh default security risc
[snip great advice about securing ssh
On Fri, Feb 04, 2005 at 01:04:34AM +0100, Gert Cuykens wrote:
On Fri, 04 Feb 2005 00:05:34 +, Chris Hodgins
[EMAIL PROTECTED] wrote:
Gert Cuykens wrote:
On Thu, 03 Feb 2005 23:34:42 +, Chris Hodgins
[EMAIL PROTECTED] wrote:
Gert Cuykens wrote:
By default the root ssh is
In this scenario the box has already been compromised and needs
serious attention now. Even if you have to go to the land of Far Far
away :)
On Thu, 3 Feb 2005 23:32:18 +0100, Gert Cuykens [EMAIL PROTECTED] wrote:
By default the root ssh is disabled. If a dedicated server x somewhere
far far
Gert Cuykens wrote:
By default the root ssh is disabled. If a dedicated server x somewhere
far far away doesn't have root ssh enabled the admin is pretty much
screwed if they hack his user account and change the user password
right ?
So is it not better to enable it by default ?
On Thu, 03 Feb 2005 23:34:42 +, Chris Hodgins
[EMAIL PROTECTED] wrote:
Gert Cuykens wrote:
By default the root ssh is disabled. If a dedicated server x somewhere
far far away doesn't have root ssh enabled the admin is pretty much
screwed if they hack his user account and change the
Gert Cuykens wrote:
On Thu, 03 Feb 2005 23:34:42 +, Chris Hodgins
[EMAIL PROTECTED] wrote:
Gert Cuykens wrote:
By default the root ssh is disabled. If a dedicated server x somewhere
far far away doesn't have root ssh enabled the admin is pretty much
screwed if they hack his user account and
On Fri, 04 Feb 2005 00:05:34 +, Chris Hodgins
[EMAIL PROTECTED] wrote:
Gert Cuykens wrote:
On Thu, 03 Feb 2005 23:34:42 +, Chris Hodgins
[EMAIL PROTECTED] wrote:
Gert Cuykens wrote:
By default the root ssh is disabled. If a dedicated server x somewhere
far far away doesn't have
Gert Cuykens wrote:
On Fri, 04 Feb 2005 00:05:34 +, Chris Hodgins
[EMAIL PROTECTED] wrote:
Gert Cuykens wrote:
On Thu, 03 Feb 2005 23:34:42 +, Chris Hodgins
[EMAIL PROTECTED] wrote:
Gert Cuykens wrote:
By default the root ssh is disabled. If a dedicated server x somewhere
far far away
If they can hack the root they can defenatly hack a user account too.
So i dont see any meaning of disabeling it.
If they can hack root they own the system and can do what they like.
By
disabling root you remove the option of this happening. Instead they
have to try and compromise a user
You're right, if they hack your account and change your password,
you're stuck. You can't log in and get it back. You CAN call your
provider up (who presumably has local access) and ask them to boot
into single user mode, or login directly, and change your pass/delete
the account. You can
On Thu, 3 Feb 2005 16:54:01 -0800, FreeBSD questions mailing list
[EMAIL PROTECTED] wrote:
You really need to look at it from a different point of view...
If you want to prevent people from breaking into your car you lock the
doors.
Don't say If they break the locks and get in, I can't use my
On Friday 4 February 2005 02:59, Gert Cuykens wrote:
the engine to start. Enabeling the ssh root is like having the remote
car key that opens every door at once so you can get in to kick his
butt :)
You're overseeing one crucial thing. The attacker isn't really interested in
any user account
On 04 feb 2005, at 02:59, Gert Cuykens wrote:
On Thu, 3 Feb 2005 16:54:01 -0800, FreeBSD questions mailing list
[EMAIL PROTECTED] wrote:
You really need to look at it from a different point of view...
If you want to prevent people from breaking into your car you lock the
doors.
Don't say If they
On Fri, 4 Feb 2005 03:33:41 +0100, FreeBSD questions mailing list
[EMAIL PROTECTED] wrote:
On 04 feb 2005, at 02:59, Gert Cuykens wrote:
On Thu, 3 Feb 2005 16:54:01 -0800, FreeBSD questions mailing list
[EMAIL PROTECTED] wrote:
You really need to look at it from a different point of
On 2005-02-04 01:04, Gert Cuykens [EMAIL PROTECTED] wrote:
On Fri, 04 Feb 2005 00:05:34 +, Chris Hodgins
[EMAIL PROTECTED] wrote:
True but the point is without the ssh root enabled there is nothing
you can do about it to stop them if they change your user password
What user password? You
On 2005-02-04 02:59, Gert Cuykens [EMAIL PROTECTED] wrote:
[snip most of barbarous child beating suggestions]
Enabeling the ssh root is like having the remote car key that opens
every door at once [snip]
Which is much easier to lose at a cafeteria on a trip somewhere up North
and then discover
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Giorgos
Keramidas
Sent: Thursday, February 03, 2005 10:01 PM
To: Gert Cuykens
Cc: freebsd-questions@freebsd.org; Chris Hodgins
Subject: Re: ssh default security risc
On 2005-02-04 01:04, Gert
20 matches
Mail list logo