ssh default security risc
danny at ricin.com
Thu Feb 3 18:18:16 PST 2005
On Friday 4 February 2005 02:59, Gert Cuykens wrote:
> the engine to start. Enabeling the ssh root is like having the remote
> car key that opens every door at once so you can get in to kick his
> butt :)
You're overseeing one crucial thing. The attacker isn't really interested in
any user account (that would merely be a means) she's interested in the root
account (that would be the price). Enabling ssh login through root even
though it goes through another port than 22 or even a static ssh program with
some weird predefined account (call it toor ;-) nonetheless it opens a direct
entry to the root account. Which wouldn't have been there otherwise. I've
seen quite a few wizz bang admins at ISPs do just that. They think they can
outsmart the attacker. Usually they won't.
Sure they can bruteforce a user account which does have ssh access also, but
they're still one step ahead (and a good password policy is a big hurdle
there). And is that user part of the wheel group (e.g. an admin)? If she
ain't the attacker is now two steps behind.
You also should note that rooted == rooted. All is over by then. Your box is
completely unreliable. E.g. if an attacker can get physical access forget it,
assume he's in and everywhere.
Security is about layers and in the best case totally different context and
access rights and what have you between those layers.
More information about the freebsd-questions