7 Dec
2011
7 Dec
'11
1:12 a.m.
2011/12/6 Fajar Priyanto fajarpri@arinet.org:
I happen to have a copy of an older brute-forcer dictionary here (somewhere) and it's very large and has lots of very secure-seeming passwords in it.
Why not don't allow root login from ssh? That's basic yet effective.
This particular brute-forcer didn't require root access to spread.
It can work under a normal user without root....
You miss my point.
I'd expect it to be at least typical to firewall direct ssh access from the internet.
--
Les Mikesell
lesmikesell@gmail.com