ssh default security risk
Chris Hodgins
chodgins at cis.strath.ac.uk
Thu Feb 3 15:30:08 PST 2005
Gert Cuykens wrote:
> By default the root ssh is disabled. If a dedicated server x somewhere
> far far away doesn't have root ssh enabled the admin is pretty much
> screwed if they hack his user account and change the user password
> right?
>
> So is it not better to enable it by default?
Every unix box has a root account. Not every unix box has a jblogs
account. Let's take the example of a brute-force attempt. The first
thing I would do would be to attack root's password. I know the account
exists. Might as well go for the big prize first.
So having a root account enabled is definitely a bad thing.
Chris
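
Added example, not part of the original thread: a small audit of an sshd_config text that reports the PermitRootLogin value actually in force, since sshd uses the first value it reads for a keyword and a Match block can re-enable root login for some clients. The sample config, the function names and the `default` parameter are assumptions made for this example.

```python
import re

# Constructed sample sshd_config, not taken from any real host.
SAMPLE = """\
Port 22
#PermitRootLogin yes
PermitRootLogin no
PermitRootLogin yes
Match Address 192.0.2.0/24
    PermitRootLogin yes
"""

def audit_permit_root_login(config_text, default="no"):
    """Return (global_value, [(match_criteria, value), ...]).

    default is an assumption: the value in force when the keyword is absent.
    """
    global_value, overrides = None, []
    current_match, seen_in_match = None, False   # None = global section
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):      # blank lines and comments
            continue
        # Keyword and argument are separated by whitespace or one '='.
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        keyword = parts[0].lower()                # keywords are case-insensitive
        arg = parts[1].strip() if len(parts) > 1 else ""
        if keyword == "match":                    # block runs to next Match or EOF
            current_match, seen_in_match = arg, False
        elif keyword == "permitrootlogin":
            if current_match is None:
                if global_value is None:          # first obtained value wins
                    global_value = arg
            elif not seen_in_match:
                overrides.append((current_match, arg))
                seen_in_match = True
    return (default if global_value is None else global_value), overrides

def root_password_login_possible(config_text, default="no"):
    """True if any section sets PermitRootLogin yes (all methods, password included)."""
    value, overrides = audit_permit_root_login(config_text, default)
    return any(v.lower() == "yes" for v in [value] + [v for _, v in overrides])

if __name__ == "__main__":
    print(audit_permit_root_login(SAMPLE), root_password_login_possible(SAMPLE))
```

On the sample, the global setting is "no" because the first uncommented line wins, yet the Match block still exposes root to password guessing from the listed address range.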