[BUGS] Constant SSH login spam
Martin Barry
marty at supine.com
Wed Feb 6 09:33:44 EST 2008
$quoted_author = "Edwin Groothuis" ;
>
> It's not to make your machine more secure, it's to save yourself
> the CPU cycles by these kind of attacks.
On the contrary, these servers have users. I know my passwords are good but
I can't prevent someone else doing something dumb. Yes, there are ways to
ensure passwords have a particular strength, but if someone else has root
access (doing 'passwd $user' as root usually circumvents strength checks) I
sleep better at night knowing that a dictionary attack has an extremely low
probability of succeeding.
cheers
marty
--
"It might have been the time we went for a pub lunch. He ordered food, and I
ordered a beer. After sitting down, He asked me what I was having for lunch
and I raised my glass. He protested I couldn't just have a beer for lunch,
so I went back to the bar and got a second beer." --Peter Corlett
alt.sysadmin.recovery - <egvs8m$r8b$1 at mooli.org.uk>
More information about the BUGS
mailing list