sjansen at buscaluz.org
Sun Apr 5 21:58:25 MDT 2009
On Sun, 2009-04-05 at 21:44 -0600, Jessie Morris wrote:
> On Sunday 05 April 2009 9:31:17 pm Doran L. Barton wrote:
> > Or, better yet, don't log in remotely as root, period. In
> > /etc/ssh/sshd_config:
> > PermitRootLogin no
> > It's one of the first things I do on just about any Linux box.
> Couldn't you get around that quite easily by logging in as a normal user then
> running "su"?
That's the point. It doubles the number of accounts an attacker has to
compromise. It also creates an audit trail so you know which co-worker
needs to be "educated" after taking down a productions system. All
without making the system noticeably harder to manage.
"XML is like violence: if it doesn't solve your problem, you aren't
using enough of it." - Chris Maden
More information about the PLUG