you are right, word "impossible" I should write with quotation marks ;), but I think, that if I say that I´m using private key (attacker can discover this very simply) only from my IP (this is, I think, only information saying: "try rader some much less secured machine") and allowed is only root is another sort of informations: "try rader less secured machine". But if you know how this sort of informations can help please be more accurate.
I had a big discussion about logging with another user and using su and I was discovered, that there are two very big sides: one side is convinced that this is big security improvement, but second side saying, that this is vain effort.
2008/5/11 Filipe Brandenburger <filbranden@xxxxxxxxx>:
On Sun, May 11, 2008 at 5:56 AM, happymaster23 <happymaster23@xxxxxxxxx> wrote:
> but its impossible to break my serverThese days it's very hard to state that. I would not bet any money on
it. The only way to be really sure the server cannot be hacked is to
disconnect the network cables (and maybe the power cables too!)
Consider using AllowUsers to a user other than root and then using
> I´m using private key allowed only from my IP and in AllowUsers
> is only root) so I don´t know, how is this possible.
"su" for extra protection.
Also consider that if you tell someone exactly what security measures
you are taking, that would help them come up with a strategy on how to
attack you.
Filipe
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
