Re: A Topic that needs to be discussed on next the QA meeting..

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Mar 18, 2008 at 04:34:32AM -0700, Andrew Farris wrote:
> Alan Cox wrote:
> >
> >Root isn't the high risk. User accounts and sshd bugs are the high risk.
> 
> Well I understand why those are a high risk, but with root at least the 
> attacker knows the username, normal usernames is a double blind brute force 
> right?

It is enough on a creation of the first user account to drop
"PermitRootLogin without-password" into sshd_config, restart
sshd and root immediately ceases to be "high risk".  Other
risks remain but I am not sure if sshd is that prominent on that
list.

   Michal

-- 
fedora-test-list mailing list
fedora-test-list@xxxxxxxxxx
To unsubscribe: 
https://www.redhat.com/mailman/listinfo/fedora-test-list

[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux