Date: Fri, 18 Nov 2005 18:04:42 +1100 From: Peter Jeremy <PeterJeremy@optushome.com.au> To: freebsd-security@freebsd.org Subject: Re: Need urgent help regarding security Message-ID: <20051118070442.GQ39882@cirb503493.alcatel.com.au> In-Reply-To: <437D5BC4.5000700@open-networks.net> References: <20051117012552.46503.qmail@web51607.mail.yahoo.com> <FE4A7F05-6522-4C47-9044-4A4B11E47A95@ircnet.se> <437D5BC4.5000700@open-networks.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 2005-Nov-18 14:42:44 +1000, Timothy Smith wrote: >i have seen a similar attack recently doing a brute force ssh. the >number ONE weakness in most poorly run IT systems, is easy passwords. >it's amazingly easy to brute force these systems using common names or >variations of them. I strongly recommend that you disable reusable passwords on any system exposed to the Internet - RSA/DSA or OPIE are much harder to brute force. You can also use AllowUsers to further limit exposure. -- Peter Jeremy
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051118070442.GQ39882>