[CentOS] duqu

Wed Nov 30 18:50:38 UTC 2011
Les Mikesell <lesmikesell at gmail.com>

On Wed, Nov 30, 2011 at 12:42 PM, Rob Kampen <rkampen at kampensonline.com> wrote:
>> I've always wondered why something as complex as sshd doesn't do
>> anything to protect you from the simplest form of attack - like
>> rate-limiting failed attempts.
> Passwords?? Why?

Because they are there and enabled by default...

> Remote root login via ssh?? Why?

Because that is necessary (or a way to escalate to root) to do
anything useful like backups or remote administration.

> This is why they invented cyphers and rsa and 3des etc - use these and it
> makes it MUCH harder for the black hackers.

Sure, but you could just use a separate VPN to get in if you want to
make things complicated.  Ssh is mostly about being able to log in.

   Les Mikesell
    lesmikesell at gmail.com