ssh default security risk
FreeBSD questions mailing list
FreeBSD at amadeus.demon.nl
Thu Feb 3 16:54:03 PST 2005
>>
>>>
>>> If they can hack the root they can definitely hack a user account too.
>>> So I don't see any meaning of disabling it.
>>
>> If they can hack root they own the system and can do what they like. By
>> disabling root you remove the option of this happening. Instead they
>> have to try and compromise a user account. Once they compromise the
>> user account, they then have to gain root access (assuming that is their
>> goal). Why bother with the hassle. There are plenty of machines out
>> there already with weak root passwords. If a hacker really wants into
>> your system he will find a way.
>>
>> Chris
>
> True, but the point is without the ssh root enabled there is nothing
> you can do about it to stop them if they change your user password.
>
You really need to look at it from a different point of view...
If you want to prevent people from breaking into your car you lock the doors.
You don't say "If they break the locks and get in, I can't use my key
anymore. So keep the doors unlocked", do you?
My point of view...
Arno