Date:      Thu, 03 Feb 2005 23:34:42 +0000
From:      Chris Hodgins <chodgins@cis.strath.ac.uk>
To:        Gert Cuykens <gert.cuykens@gmail.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: ssh default security risc
Message-ID:  <4202B512.9080306@cis.strath.ac.uk>
In-Reply-To: <ef60af09050203143220daf9f9@mail.gmail.com>
References:  <ef60af09050203143220daf9f9@mail.gmail.com>

Gert Cuykens wrote:
> By default the root ssh is disabled. If a dedicated server x somewhere
> far far away doesn't have root ssh enabled the admin is pretty much
> screwed if they hack his user account and change the user password
> right?
> 
> So is it not better to enable it by default ?
> 

Every unix box has a root account.  Not every unix box has a jblogs 
account.  Let's take the example of a brute-force attempt.  The first 
thing I would do would be to attack root's password.  I know the account 
exists.  Might as well go for the big prize first.

So having a root account enabled is definitely a bad thing.

Chris
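
Added example, not part of the original message: a defender's check of the point above, tallying failed sshd password attempts by target account to show how much guessing lands on root compared with accounts the guesser cannot know exist. The log lines are constructed samples in the OpenSSH "Failed password" format, and the host name, user names and addresses are assumptions.

```python
import re
from collections import Counter

# Constructed sample lines in the OpenSSH sshd log format (not from a real host).
SAMPLE_LOG = """\
Feb  3 23:10:01 host sshd[811]: Failed password for root from 192.0.2.10 port 40112 ssh2
Feb  3 23:10:03 host sshd[811]: Failed password for root from 192.0.2.10 port 40113 ssh2
Feb  3 23:10:05 host sshd[812]: Failed password for invalid user jblogs from 192.0.2.10 port 40114 ssh2
Feb  3 23:10:07 host sshd[813]: Failed password for invalid user admin from 192.0.2.10 port 40115 ssh2
Feb  3 23:10:09 host sshd[814]: Failed password for root from 198.51.100.7 port 51900 ssh2
Feb  3 23:11:30 host sshd[820]: Accepted publickey for chris from 203.0.113.5 port 60222 ssh2
Feb  3 23:12:00 host sshd[821]: Failed password for chris from 198.51.100.7 port 51901 ssh2
"""

# sshd marks guesses at nonexistent accounts with the words "invalid user".
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?P<invalid>invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def summarize(log_text):
    """Tally failed password attempts by target account and source address."""
    by_user, by_ip, wasted = Counter(), Counter(), 0
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if not m:
            continue  # accepted logins and unrelated lines are ignored
        by_ip[m["ip"]] += 1
        if m["invalid"]:
            wasted += 1  # guess spent on an account that does not exist
        else:
            by_user[m["user"]] += 1  # guess against a real account
    return {"existing": by_user, "invalid_guesses": wasted, "sources": by_ip}

def root_share(summary):
    """Fraction of all failed attempts that were aimed at root."""
    total = sum(summary["existing"].values()) + summary["invalid_guesses"]
    return summary["existing"]["root"] / total if total else 0.0

if __name__ == "__main__":
    s = summarize(SAMPLE_LOG)
    print("failed attempts on existing accounts:", dict(s["existing"]))
    print("guesses at nonexistent accounts:", s["invalid_guesses"])
    print("share aimed at root: {:.0%}".format(root_share(s)))
    print("sources:", dict(s["sources"]))
```

With root login over ssh disabled, the attempts counted against root cannot succeed even when the password guess is right.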


