| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: barrie at reboot-robot.net (Barrie Dempster) Subject: Re: Re: Any update on SSH brute force attempts? On Mon, 2004-10-18 at 14:01 +0100, Dave Ewart wrote: > Well yes, that's fair enough - however, allowing direct root access does > make certain things more straightforward, automated use of 'scp' etc. Yeh, but theres only a select few people crazy enough to scp files into places that require root access. People that fall into the more sane side of security use less error prone methods of updating configurations (which is what I'm guessing your using scp here for). There are very few valid reasons to have direct remote root access (so few I can't currently think of a one) remote admin tasks can be carried out by means other than login in directly as root. -- Barrie Dempster (zeedo) - Fortiter et Strenue http://www.bsrf.org.uk [ gpg --recv-keys --keyserver www.keyserver.net 0x96025FD0 ] -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20041018/dc44106c/attachment.bin
Powered by blists - more mailing lists