Arthur Pemberton wrote:
On 3/21/07, Nicolas Mailhot <nicolas.mailhot@xxxxxxxxxxx> wrote:
Le mercredi 21 mars 2007 à 17:45 -0500, Arthur Pemberton a écrit :
> On 3/21/07, Nicolas Mailhot <nicolas.mailhot@xxxxxxxxxxx> wrote:
> > attackers *do* brute-force usernames, probably because root is
usually
> > secured but you can hope hitting a user account with no password
> >
> > install pam_abl. It will profile the attacks for you (for exemple
on my
> > system root is the most attacked user but this is dwarfed by one-shot
> > dictionary-user tries)
>
> Hence my point of havign root login off by default.
Hence my point that most attack scripts don't even care about root
anymore :) Any user account will do, and they use common username
databases
Yes, but root always exists. The others are purely hit and miss
Exactly - root exists and the attackers know this. For other users, both
the usernames AND their passwords will have to be bruteforced...
/Thomas
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
