Need urgent help regarding security
Peter Jeremy
PeterJeremy at optushome.com.au
Thu Nov 17 23:04:47 PST 2005
On Fri, 2005-Nov-18 14:42:44 +1000, Timothy Smith wrote:
>i have seen a similar attack recently doing a brute force ssh. the
>number ONE weakness in most poorly run IT systems, is easy passwords.
>it's amazingly easy to brute force these systems using common names or
>variations of them.
I strongly recommend that you disable reusable passwords on any system
exposed to the Internet - RSA/DSA or OPIE are much harder to brute force.
You can also use AllowUsers to further limit exposure.
--
Peter Jeremy
More information about the freebsd-security
mailing list