Le Mar 20 mars 2007 10:11, Alexander Boström a écrit : > mån 2007-03-19 klockan 15:21 +0530 skrev Rahul Sundaram: >> Hi >> >> Been fiddling with a installation of Fedora 7 Test 2 from the Live CD >> and it still enables way too may daemons by default. > > Oh, is the SSH server still enabled by default (if you install the > openssh-server package)? > > Because if it is, pretty pretty please disable it! > > People don't use good passwords and they don't realize that their > password can be used remotely. Giving millions of people an sshd they > don't know or care about is a recipe for zombie machines and bad > security reputation. Disabling ssh is not a good solution, many people need it. However the default fedora ssh setup is woefully insecure At least ssh rate-limiting should be in the default firewall install. Pam_abl would be even better (for other network services) Haven't we sat on this problem too long already ? -- Nicolas Mailhot -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
