der.hans wrote:
|
| Yeah, it really annoys me that they continue to leave root logins on
| by default.
Yeah, that bugged me, too. I always go in and turn that off on fresh
installs.
| I also turn on X forwarding :).
On by default? As in "X11Forwarding yes" in /etc/sshd_config?
I've found that if you leave it set to no that you can still do X11
forwarding if the server has xauth installed and you pass the -X option
to ssh. What's the reasoning for turning it on by default? O.o
| So, maybe just blocking .cn and the other countries June mentioned
| for ssh and other authenticated services will help.
Actually, I didn't mention that, but it sure sounds like a good idea
that I hadn't thought of. I'm guessing a simple "ssh: *.cn" in the
hosts.deny file or something similar would do the trick, right?
| Presumably she knows whether or not she'll be in .cn in the next few
| days, which gives time to open up the firewall if necessary :).
Ironically, I just might be travelling out there sometime in the next
few months. Probably won't be doing anything on the 'net out there,
though. =o)
- --
June Tate *
http://www.theonelab.com *
june@theonelab.com
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)