LEAF'ers ==>
OK, so far, we're running exclusively as root user.
Usually, we consider the larger number of users, the less secure a given
system becomes.
Using ssh to remotely access the firewall and without telnet and ftp
allowed, the firewall appears to be moderately secure.
However, it bothers us that we can use Putty to connect from any machine
anywhere, as long as we know the root password! Somehow, we thought
that ssh would be more difficult ;<
Now that we have ``su'' working, it occurs to us that it might be
prudent -- and, considerably more secure? -- to dis-allow ssh root login
and create a couple mortal users, only a couple of whom know root
password.
How secure is our firewall?
How have others handled these issues?
What do you think?
--
Best Regards,
mds
mds resource
888.250.3987
"Dare to fix things before they break . . . "
"Our capacity for understanding is inversely proportional to how much we
think we know. The more I know, the more I know I don't know . . . "
_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/leaf-user
