Re: duqu

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Wed, Nov 30, 2011 at 12:42 PM, Rob Kampen <rkampen@xxxxxxxxxxxxxxxxx> wrote:
>
>> I've always wondered why something as complex as sshd doesn't do
>> anything to protect you from the simplest form of attack - like
>> rate-limiting failed attempts.
>>
>>
>
> Passwords?? Why?

Because they are there and enabled by default...

> Remote root login via ssh?? Why?

Because that is necessary (or a way to escalate to root) to do
anything useful like backups or remote administration.

> This is why they invented cyphers and rsa and 3des etc - use these and it
> makes it MUCH harder for the black hackers.

Sure, but you could just use a separate VPN to get in if you want to
make things complicated.  Ssh is mostly about being able to log in.

-- 
   Les Mikesell
    lesmikesell@xxxxxxxxx
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux