-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

der.hans wrote:
|
| Yeah, it really annoys me that they continue to leave root logins on
| by default.

Yeah, that bugged me, too. I always go in and turn that off on fresh
installs.

| I also turn on X forwarding :).

On by default? As in "X11Forwarding yes" in /etc/sshd_config?

I've found that if you leave it set to no that you can still do X11
forwarding if the server has xauth installed and you pass the -X option
to ssh. What's the reasoning for turning it on by default? O.o

| So, maybe just blocking .cn and the other countries June mentioned
| for ssh and other authenticated services will help.

Actually, I didn't mention that, but it sure sounds like a good idea
that I hadn't thought of. I'm guessing a simple "ssh: *.cn" in the
hosts.deny file or something similar would do the trick, right?

| Presumably she knows whether or not she'll be in .cn in the next few
| days, which gives time to open up the firewall if necessary :).

Ironically, I just might be travelling out there sometime in the next
few months. Probably won't be doing anything on the 'net out there,
though. =o)

- --
June Tate * http://www.theonelab.com * june@theonelab.com

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFBv10KiLw1iDrV/zwRAh4fAJ9cIR7fWcqdK82awv7o21OWmLDLlwCfakjr
R6x9uj3v/ljmfmgzyqdL7zU=
=shue
-----END PGP SIGNATURE-----
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change  you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss