Date: Thu, 3 Feb 2005 16:54:01 -0800
From: FreeBSD questions mailing list <FreeBSD@amadeus.demon.nl>
To: Gert Cuykens <gert.cuykens@gmail.com>
Cc: freebsd <freebsd-questions@freebsd.org>
Subject: Re: ssh default security risc
Message-ID: <bf55966e0db107001d1dd92afb1e62e2@amadeus.demon.nl>
In-Reply-To: <ef60af090502031604391fcbd6@mail.gmail.com>
References: <ef60af09050203143220daf9f9@mail.gmail.com> <4202B512.9080306@cis.strath.ac.uk> <ef60af09050203153670e8f27f@mail.gmail.com> <4202BC4E.4090809@cis.strath.ac.uk> <ef60af090502031604391fcbd6@mail.gmail.com>

>>> If they can hack the root they can definitely hack a user account too.
>>> So I don't see any meaning of disabling it.
>>
>> If they can hack root they own the system and can do what they like. By
>> disabling root you remove the option of this happening. Instead they
>> have to try and compromise a user account. Once they compromise the
>> user account, they then have to gain root access (assuming that is their
>> goal). Why bother with the hassle? There are plenty of machines out
>> there already with weak root passwords. If a hacker really wants into
>> your system he will find a way.
>>
>> Chris
>
> True but the point is without the ssh root enabled there is nothing
> you can do about it to stop them if they change your user password.

You really need to look at it from a different point of view...

If you want to prevent people from breaking into your car you lock the doors. You don't say "If they break the locks and get in, I can't use my key anymore. So keep the doors unlocked", do you?

My point of view...

Arno