Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 13 Aug 2004 14:33:04 -0400
From:      "Peter C. Lai" <sirmoo@cowbert.net>
To:        Mohacsi Janos <mohacsi@niif.hu>
Cc:        freebsd-security@freebsd.org
Subject:   Re: sequences in the auth.log
Message-ID:  <20040813183304.GU346@cowbert.net>
In-Reply-To: <20040813160928.M82373@mignon.ki.iif.hu>
References:  <411CCAAE.7020505@beco.hu> <20040813160928.M82373@mignon.ki.iif.hu>

next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Aug 13, 2004 at 04:14:29PM +0200, Mohacsi Janos wrote:
> Hi Sandor,
> 	You don't have to worry, unless you have user 'test', 'guest', 
> 'admin', 'root' with poor password: typically same or very similar to your 
> accountname. There seems to be a script around the hackers to scan SSH and 
> gain access to poorly configured servers.... Unfortunately they are plenty 
> of badly configured servers. May be you should disable root access via SSH 
> password (only via keys).

Disabling root login via ssh will still cause 'failed password' entries in 
syslog. (on openssh 3.7 anyway)

-- 
Peter C. Lai
University of Connecticut
Dept. of Molecular and Cell Biology
Yale University School of Medicine
SenseLab | Research Assistant
http://cowbert.2y.net/



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040813183304.GU346>