ACK to this.
After that you should point some port logging tools at port 22, and you will
be surprised how many attacks miss because of your "3 stage login security".
David Bruce wrote:
If I can add my 2 cents, I recommend also changing the ssh port. It
cuts down on a lot of hack attempts.
-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of Smith Jr, Harry E
Sent: Monday, June 02, 2008 11:56 AM
To: secureshell@xxxxxxxxxxxxxxxxx
Subject: RE: Allowing remote root login seems to be bad. Why?
I think the real question is what is the environment you are working in.
If the Linux is being installed on production machines then
Debian/Ubuntu is the correct configuration. However, this is something
that all hardening rules check plus considerably more.
However, if you are in a development environment, then I lean to
Fedora/Red Hat with some of the hardening rules set ( No rsh ... )
Harry
-------------------------------------------------------------
Harry E Smith Jr.
Senior Staff System Engineering
(408) 473 6491 (work)
(408) 888 5209 (cell)
(877) 635 1529 (pager)
-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of Mario Platt
Sent: Monday, June 02, 2008 8:36 AM
To: Ron Arts
Cc: secureshell@xxxxxxxxxxxxxxxxx
Subject: Re: Allowing remote root login seems to be bad. Why?
Hey,
Well, in my opinion, the Debian guys are right, and for one reason only:
Logging.
If you log in to the machine as root, and everyone does it as well, you
will never know who is doing what. In the case of your machine being
only administered by yourself, and you have no sudo policies, it all
ends up being the same... but in a multi admin environment, I think it's
an absolute must...
On Mon, Jun 2, 2008 at 9:29 AM, Ron Arts <ron@xxxxxxxxxxxxxx> wrote:
Hi,
today I found that different Linux distributions have various policies
regarding allowing remote root access. For example, the Red Hat/Fedora
crowd seems to enable this on default installs, but the Debian/Ubuntu
don't, they recommend sudo.
I googled around but could not find why Fedora allows it, and the
Debian people just seem to have one reason: 'allowing remote root
access is bad, everybody knows that'.
Suppose I ensure that root has a very strong password, then does it
really matter either way?
Thanks,
Ron
--
Kind Regards
Mario Spiegel
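
The logging argument made in the thread (shared root logins hide who did what, while per-user login plus sudo does not), shown as an added example that is not part of the original messages. The log lines are constructed samples in the usual sshd and sudo syslog format, and the host name, user names and addresses are assumptions.

```python
import re

# Constructed sample auth.log lines (not from the thread); IPs are documentation ranges.
SAMPLE_LOG = """\
Jun  2 09:14:02 web1 sshd[2211]: Accepted password for root from 192.0.2.10 port 51122 ssh2
Jun  2 09:15:40 web1 sshd[2240]: Accepted publickey for alice from 192.0.2.10 port 51190 ssh2
Jun  2 09:16:05 web1 sudo:    alice : TTY=pts/1 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/sbin/service apache2 restart
Jun  2 09:30:12 web1 sshd[2301]: Accepted password for root from 192.0.2.10 port 51544 ssh2
Jun  2 09:41:27 web1 sshd[2350]: Accepted publickey for bob from 198.51.100.7 port 40022 ssh2
Jun  2 09:42:03 web1 sudo:      bob : TTY=pts/2 ; PWD=/etc ; USER=root ; COMMAND=/usr/bin/vi /etc/ssh/sshd_config
Jun  2 09:43:00 web1 sshd[2399]: Failed password for root from 203.0.113.5 port 33810 ssh2
"""

SSH_OK = re.compile(r"sshd\[\d+\]: Accepted (\S+) for (\S+) from (\S+) port \d+")
SUDO = re.compile(r"sudo:\s+(\S+) : .*USER=root ; COMMAND=(.+)$")


def attribute_root_activity(log_text):
    """Return (attributed, unattributed).

    attributed:   {admin: [commands run as root via sudo]}
    unattributed: [(timestamp, source_ip)] for successful direct root logins,
                  where the log names only the shared account, so the session
                  cannot be tied to a person.
    """
    attributed, unattributed = {}, []
    for line in log_text.splitlines():
        stamp = line[:15]  # classic syslog timestamp, e.g. "Jun  2 09:14:02"
        m = SSH_OK.search(line)
        if m and m.group(2) == "root":
            unattributed.append((stamp, m.group(3)))
            continue
        m = SUDO.search(line)
        if m:
            attributed.setdefault(m.group(1), []).append(m.group(2).strip())
    return attributed, unattributed


if __name__ == "__main__":
    who, anon = attribute_root_activity(SAMPLE_LOG)
    for admin, cmds in who.items():
        print(f"{admin}: {cmds}")
    for stamp, ip in anon:
        print(f"root session at {stamp} from {ip}: admin unknown")
```

In the sample, both direct root sessions come from the same address alice also used, so the source IP alone does not identify the admin.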