MLUG: Mizzou Linux Users GroupHome | FAQ | Server | Presentations | Mailing Lists/Archives | Member Tools | Links | Sponsors | Contact
MLUG: RE: [MLUG] Debian SSH root access keys
RE: [MLUG] Debian SSH root access keys
Email address obfuscation in effect -- please click here to turn it off.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 
Glad I have sshblacklist installed and working.  I was just starting to
see a drop in ssh hacks too.

--
Daniel Nowlin
DataCenter Tech III
TelCom DataCenter

-----Original Message-----
From: EMAIL:PROTECTED
[mailto:EMAIL:PROTECTED] On Behalf Of Mike Miller
Sent: Thursday, May 15, 2008 18:53
To: MLUG Members
Subject: Re: [MLUG] Debian SSH root access keys

On Thu, 15 May 2008, Daniel Nowlin wrote:

> I know what you mean Mike.  I have ran MDK, FC, and not CentOS and I 
> have NEVER let root have ssh access.  No need that is what sudo is
for. 
> And if you have a lot of root stuff to do and do/can not get to the 
> machine then just su to root.  Now I wonder if you ssh in as a user if

> this vulnerability will work.


Apparently it does work for other users.  That's what I'm hearing. 
Anyway, the thing is, most script kiddies are just going to start 
attacking root for now.  Why mess with a bunch of other possible user 
names?  Maybe when that fails they'll try some other usernames. 
Meanwhile, boxes are being patched so we're ready.

Mike

_______________________________________________
members mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/members

_______________________________________________
members mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/members
Questions? Comments? Feel free to contact MLUG.
DMCA and other copyright information.