>> On Tue, 2011-06-21 at 13:59 +0100, Dave Hanson wrote: >>> > Hello Everyone, > I've cracked it...
You're not the only one ;-) I'd personally avoid making webmin publicly available. Consider using iptables or (ufw) to restrict access to your IP if you have a static, or you could only allow access to the webmin port from localhost and connect via an ssh socks proxy to that port. Webmin's a bit if a target for attackers and has a long history of vulnerabilities.... Also, with ssh access consider using fail2ban, or better yet restricting access by IP :-)
-- [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
