On 01/04/2012 10:59 PM, Lamar Owen wrote:
[Distilling to the core matter; everything else is peripheral.]
<snip>
It is a safe assumption that there are httpd exploits in the wild that are not known to the Apache project and that specifically attempt to grab /etc/shadow and send it to the attacker. It's also a safe assumption that the attacker will have sufficient horsepower to crack your password from /etc/shadow in a 'reasonable' timeframe for an MD5 hash. So you don't allow password authentication, and you're not vulnerable to a remote /etc/shadow brute-forcing attack regardless of how much horsepower the attacker can throw your way, and regardless of how the attacker got your /etc/shadow (you could even post it publicly and it wouldn't help them any!).
Excellent text. This should be published on some blog, or the CentOS wiki maybe.
Thank you for this. Concise and practical. Wow. Thanks again!
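The point Lamar makes above (turn off password authentication in sshd and a leaked /etc/shadow stops mattering) is easy to get subtly wrong, so here is an added example, not from the original thread or from the CentOS project, that audits an sshd_config text the way sshd itself reads it and counts MD5-crypt entries in a shadow file. All configuration snippets and shadow entries below are constructed sample data; the helper names (sshd_option, sshd_accepts_passwords, md5_shadow_entries) are this example's own. It goes a little beyond the quoted text in two ways: sshd honours the first occurrence of a keyword, not the last, so a later "PasswordAuthentication no" appended to a config does nothing; and setting only PasswordAuthentication to no is not enough on a PAM system, because ChallengeResponseAuthentication (keyboard-interactive) still lets PAM prompt for the same password.

```shell
#!/bin/sh
# Audit sshd_config text for password-based logins and /etc/shadow text for
# MD5-crypt ($1$) hashes. All inputs below are constructed sample data.

# Return the value sshd would use for keyword $2 in config text $1, or
# default $3 when absent. sshd_config(5): the FIRST value found wins, so we
# stop at the first uncommented match. Match blocks are ignored here
# (simplification of this example): scanning stops at the first "Match".
sshd_option() {
    val=$(printf '%s\n' "$1" | sed 's/#.*//' | \
          awk -v k="$2" 'tolower($1)=="match" {exit}
                         tolower($1)==tolower(k) {print tolower($2); exit}')
    if [ -n "$val" ]; then printf '%s' "$val"; else printf '%s' "$3"; fi
}

# True (exit 0) when sshd would still accept a password from the network:
# either plain password auth, or keyboard-interactive (which, with PAM,
# prompts for the same password). Both default to "yes" when unset.
sshd_accepts_passwords() {
    pa=$(sshd_option "$1" PasswordAuthentication yes)
    cr=$(sshd_option "$1" ChallengeResponseAuthentication yes)
    [ "$pa" = yes ] || [ "$cr" = yes ]
}

# Count shadow entries whose hash is MD5-crypt ($1$), the cheap-to-crack
# format discussed above; $6$ (SHA-512) and locked (!!) accounts are skipped.
md5_shadow_entries() {
    printf '%s\n' "$1" | awk -F: '$2 ~ /^\$1\$/ {n++} END {print n+0}'
}

# Constructed configs: the stock setting, a half-fix, and a real fix.
WEAK_CONFIG='# defaults: password logins allowed
Port 22
PasswordAuthentication yes
ChallengeResponseAuthentication yes
PubkeyAuthentication yes'

HALF_FIXED_CONFIG='PubkeyAuthentication yes
PasswordAuthentication no
# ChallengeResponseAuthentication left at its default of yes'

HARDENED_CONFIG='Port 22
PubkeyAuthentication yes
PasswordAuthentication no
ChallengeResponseAuthentication no
# sshd ignores this later duplicate, so it changes nothing:
PasswordAuthentication yes'

# Constructed shadow lines (hash strings are made up, not real hashes).
SAMPLE_SHADOW='root:$1$abcdefgh$pzl.6XkP5xXzBgbHXtr6t1:15300:0:99999:7:::
alice:$6$saltsalt$W2vJ0f9PTLU1ziPe9Bl0oE5i8yHt9J8Q3h5KhQbF0oQ2p3wD1zR4yN6xYtG8vC9uB7bA5mZ3kL1jH0gF2sD4e.:15300:0:99999:7:::
bob:!!:15300:0:99999:7:::'

for name in WEAK_CONFIG HALF_FIXED_CONFIG HARDENED_CONFIG; do
    eval "cfg=\$$name"
    if sshd_accepts_passwords "$cfg"; then
        echo "$name: sshd still accepts passwords"
    else
        echo "$name: key-only, a leaked /etc/shadow is useless remotely"
    fi
done
echo "MD5-crypt entries in sample shadow: $(md5_shadow_entries "$SAMPLE_SHADOW")"
```

To run it against a real host, feed `"$(cat /etc/ssh/sshd_config)"` and `"$(cat /etc/shadow)"` (as root) to the two functions, then confirm with `sshd -T | grep -i authentication`, which prints the effective values after sshd has applied its first-match rule and any Match blocks this example does not model.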