On 28/01/14 15:24, Jon Danniken wrote: > Hello list, > > I recently came across a posting by an individual who got his > Debian machine compromised due to a number of security problems, one of > which was the default installation and running of sshd with > "PermitRootLogin = > Yes". in /etc/ssh/sshd_config. > > So I checked the Debian installation that I put on my laptop a month ago > (from the Wheezy net install CD), and sure enough I had the same > vulnerability > (I fixed it by changing the "PermitRootLogin" value). > > Fortunately I have been running behind my router, and remain unscathed,
dmsmasq != security :) It's a common mistake to believe that not having a machine *directly* accessible from the intertubes keeps it safe. > but it caused me to wonder what other vulnerabilities are present out of > the box that I need to address, especially if I should take the laptop > out with me and connect to a public network. > > Besides the sshd root login, what else do I need to disable/fix on this > machine? Keep updated, subscribe to the security list, read and follow the fine manual:- https://www.debian.org/doc/manuals/securing-debian-howto/ > > Thanks, > > Jon > > Kind regards -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/52e7430c.2010...@gmail.com