This link has been bookmarked by 4 people . It was first bookmarked on 15 May 2008, by Daniel Andrlik.
Daniel Andrlik: Okay, if you still have your box configured to allow remote logins as "root", then you deserve anything you get. Otherwise, start using strong passphrases (not a password, those are too easy), or if you can swing it with your work flow, use an ssh key rather than a text-based login. It's less convenient in some ways, but it's worth your time. Honestly, I'm a little behind here as I've intended to switch more of my systems over to private keys for a while now, but on half I still log in with a username and a strong passphrase.
Also, while we are at it, just a reminder that security through obscurity doesn't work in the long run. You can reduce the effectiveness of automated attacks by running ssh on a different port, but don't think that's going to be an effective long-range solution. If someone wants in, they **will** find the ssh port, so it's up to you to get the rest of your security together.
This all goes for you Apple folks too.
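The three points in the comment (no remote root, keys rather than passwords, a moved port as noise reduction only) can be checked mechanically against an sshd_config. The following audit is an added example and is not part of the Diigo comment or the bookmarked article. Both config samples are constructed for it; the parser follows OpenSSH's first-occurrence-wins rule but ignores Match blocks, and the values assumed for absent directives are current OpenSSH defaults (PermitRootLogin prohibit-password, MaxAuthTries 6), so older installs should be checked against their own defaults.

```python
import re

# Constructed sample: the configuration the comment says you "deserve anything you get" for.
WEAK_CONFIG = """\
# sshd_config (constructed example)
Port 22
PermitRootLogin yes
PasswordAuthentication yes
PubkeyAuthentication yes
"""

# Constructed sample: the hardened counterpart. The non-default port only trims automated
# noise, which is why it is reported as a note and not counted as a control.
HARDENED_CONFIG = """\
# sshd_config (constructed example)
Port 2222
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
MaxAuthTries 3
"""

# Values assumed when a directive is absent (current OpenSSH defaults; older releases
# shipped PermitRootLogin yes, so check the version you actually run).
DEFAULTS = {
    "port": "22",
    "permitrootlogin": "prohibit-password",
    "passwordauthentication": "yes",
    "pubkeyauthentication": "yes",
    "maxauthtries": "6",
}

# sshd accepts "Key value" and "Key=value"; directive names are case-insensitive.
DIRECTIVE = re.compile(r"^(\w+)[\s=]+(.+?)\s*$")


def parse_sshd_config(text):
    """Return {directive_lowercase: value} using sshd's first-occurrence-wins rule.
    Directives after the first Match block are conditional and are ignored here
    (simplifying assumption for the example)."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        if line.lower().startswith("match"):
            break
        m = DIRECTIVE.match(line)
        if m:
            settings.setdefault(m.group(1).lower(), m.group(2))
    return settings


def audit(text):
    """Return {'findings': [...], 'notes': [...]} for the config text.
    Findings are weaknesses; notes are observations that are not controls."""
    s = {**DEFAULTS, **parse_sshd_config(text)}
    findings, notes = [], []
    if s["permitrootlogin"].lower() == "yes":
        findings.append("PermitRootLogin yes: root account reachable by password guessing")
    if s["passwordauthentication"].lower() == "yes":
        findings.append("PasswordAuthentication yes: text-based logins allowed; prefer keys")
    if s["pubkeyauthentication"].lower() != "yes":
        findings.append("PubkeyAuthentication off: key-based login unavailable")
    if int(s["maxauthtries"]) > 3:
        findings.append("MaxAuthTries %s: each connection gets many guesses" % s["maxauthtries"])
    if s["port"] != "22":
        notes.append("Port %s: non-default port reduces automated noise only" % s["port"])
    return {"findings": findings, "notes": notes}


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, audit(cfg))
```

The weak sample produces three findings (root login, password authentication, and the default MaxAuthTries of 6 inherited because the directive is absent); the hardened sample produces none, and its moved port appears only as a note, matching the comment's point that obscurity is not a control.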
Data from the three systems suggests that brute-force attackers often attempt to validate using "root." Attacks with this username accounted for 25.7 percent of the total login attempts observed. The password chosen often matched the login (i.e., root/root or guest/guest), or was a simple derivative of the login (Michael/Mike or William/Bill). When put side by side, the list of attempted passwords for each of the three honeypots shows a surprising amount of correlation.
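The kind of measurement the excerpt reports (what share of login attempts target "root", and how the attempts cluster by source) can be reproduced from an ordinary sshd log. The following script is an added example, not code from the article or its honeypots; the log lines are constructed (addresses from the RFC 5737 documentation ranges), the function names are the example's own, and the flagging threshold is a parameter the operator chooses.

```python
import re
from collections import Counter

# Constructed sshd log lines (not from the article's honeypots).
SAMPLE_LOG = """\
May 15 03:12:01 host sshd[1201]: Failed password for root from 203.0.113.5 port 51234 ssh2
May 15 03:12:03 host sshd[1203]: Failed password for root from 203.0.113.5 port 51236 ssh2
May 15 03:12:05 host sshd[1205]: Failed password for invalid user admin from 203.0.113.5 port 51238 ssh2
May 15 03:12:07 host sshd[1207]: Failed password for root from 203.0.113.5 port 51240 ssh2
May 15 03:12:09 host sshd[1209]: Failed password for invalid user guest from 203.0.113.5 port 51242 ssh2
May 15 03:14:00 host sshd[1220]: Failed password for invalid user michael from 192.0.2.9 port 40001 ssh2
May 15 03:14:02 host sshd[1222]: Failed password for root from 192.0.2.9 port 40003 ssh2
May 15 03:14:04 host sshd[1224]: Failed password for invalid user william from 192.0.2.9 port 40005 ssh2
May 15 03:20:00 host sshd[1230]: Accepted publickey for daniel from 198.51.100.7 port 40100 ssh2
"""

# Matches both "Failed password for root ..." and "Failed password for invalid user guest ..."
FAILED = re.compile(
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def parse_failed_logins(lines):
    """Return a list of (username, source_ip) for each failed password attempt.
    Accepted logins and unrelated lines are ignored."""
    attempts = []
    for line in lines:
        m = FAILED.search(line)
        if m:
            attempts.append((m.group("user"), m.group("ip")))
    return attempts


def username_share(attempts):
    """Fraction of failed attempts per username, e.g. how much of the noise targets root."""
    counts = Counter(user for user, _ in attempts)
    total = sum(counts.values())
    return {user: n / total for user, n in counts.items()} if total else {}


def flag_sources(attempts, threshold):
    """Source addresses with at least `threshold` failed attempts, busiest first.
    The threshold is an operator choice; it is the input to a block or alert, not a verdict."""
    counts = Counter(ip for _, ip in attempts)
    return [ip for ip, n in counts.most_common() if n >= threshold]


if __name__ == "__main__":
    attempts = parse_failed_logins(SAMPLE_LOG.splitlines())
    share = username_share(attempts)
    print("root share of failed attempts: %.1f%%" % (100 * share.get("root", 0)))
    print("sources at or over threshold:", flag_sources(attempts, threshold=5))
```

On the constructed sample, half of the failed attempts target "root" and one source crosses a threshold of five; on a real log the same two numbers are what distinguish background scanning from a source that deserves a block or a closer look.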