Best practices for securing SSH server
wojtek at wojtek.tensor.gdynia.pl
Tue Jun 23 09:21:19 UTC 2009
>> 99% of crack attempts are done by "kevin mitnick" methods, not password
> Absolutely true. Mitnick was an early exponent of Social Engineering
> attacks, which are still the easiest and most effective methods for
Mitnick just chose the best possible friend - human stupidity. It never
> breaking computer security. Now, if we could just get rid of all the
> users, our lives as Sys Admins would be a whole lot easier...
Just make sure that one user can't do mess to others, and to log every
logins. Then it's no more your problem, as users can only hurt themselves.
Don't care about their security if they don't care by themselves.
> [*] It's amazing how many people, when you tell them to use a mix of
> upper and lower case letters, just capitalize the *first* letter of
> their password.
because most people don't understand what are passwords for. They just
treat them as a part of required ceremony.
More information about the freebsd-questions