Date: Thu, 20 Jan 2000 00:05:37 -0500 From: "Crist J. Clark" <cjc@cc942873-a.ewndsr1.nj.home.com> To: Jonathan Fortin <jonf@revelex.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: ssh. Message-ID: <20000120000537.C70698@cc942873-a.ewndsr1.nj.home.com> In-Reply-To: <001001bf6296$359d7030$0900000a@server>; from jonf@revelex.com on Wed, Jan 19, 2000 at 09:59:47AM -0600 References: <001001bf6296$359d7030$0900000a@server>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jan 19, 2000 at 09:59:47AM -0600, Jonathan Fortin wrote: > > > Hi , > > > PermitRootLogin on or even tcp_wrapper wont help if a user backdoors /bin/login or sshd. > Try to keep track of the files checksum by making a crontab so it can email you once a day. > Just advise.. And someone who breaks in can easily fake that email. My personal solution (I know you are all dying for it)? Make sure root's .ssh directory is watched _very_ closely by Tripwire. Setup Tripewire to use read-only media (e.g. write protected floppy). -- Crist J. Clark cjclark@home.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000120000537.C70698>