ssh default security risc

Danny Pansters danny at
Thu Feb 3 18:18:16 PST 2005

On Friday 4 February 2005 02:59, Gert Cuykens wrote:
> the engine to start. Enabeling the ssh root is like having the remote
> car key that opens every door at once so you can get in to kick his
> butt :)

You're overseeing one crucial thing. The attacker isn't really interested in 
any user account (that would merely be a means) she's interested in the root 
account (that would be the price). Enabling ssh login through root even 
though it goes through another port than 22 or even a static ssh program with 
some weird predefined account (call it toor ;-) nonetheless it opens a direct 
entry to the root account. Which wouldn't have been there otherwise. I've 
seen quite a few wizz bang admins at ISPs do just that. They think they can 
outsmart the attacker. Usually they won't.

Sure they can bruteforce a user account which does have ssh access also, but 
they're still one step ahead (and a good password policy is a big hurdle 
there). And is that user part of the wheel group (e.g. an admin)? If she 
ain't the attacker is now two steps behind. 

You also should note that rooted == rooted. All is over by then. Your box is 
completely unreliable. E.g. if an attacker can get physical access forget it, 
assume he's in and everywhere.

Security is about layers and in the best case totally different context and 
access rights and what have you between those layers. 


More information about the freebsd-questions mailing list