On 3/21/07, Nicolas Mailhot <nicolas.mailhot@xxxxxxxxxxx> wrote:
Le mercredi 21 mars 2007 à 17:45 -0500, Arthur Pemberton a écrit : > On 3/21/07, Nicolas Mailhot <nicolas.mailhot@xxxxxxxxxxx> wrote: > > attackers *do* brute-force usernames, probably because root is usually > > secured but you can hope hitting a user account with no password > > > > install pam_abl. It will profile the attacks for you (for exemple on my > > system root is the most attacked user but this is dwarfed by one-shot > > dictionary-user tries) > > Hence my point of havign root login off by default. Hence my point that most attack scripts don't even care about root anymore :) Any user account will do, and they use common username databases
Yes, but root always exists. The others are purely hit and miss -- Fedora Core 6 and proud -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
