On Thu, 2002-04-25 at 22:43, Peter Kiem wrote: > Bret Hughes <[EMAIL PROTECTED]> said: > > > I am sure that is the case but improper use of cgi scripts, and know > > exploits do exist on lnux too. What I thought was interesting was the > > fact that a know openssh was explioted in less than an hour. > > I have connected a new server to the Internet and within minutes seen SSH > scans. > > > In fact I never let any machine even see the outside world until all > > errata updates are applied and I have disabled all the stuff that I > > don't need, and tweeked my config scripts especially sshd_config. > > Most definately. > > BTW, what tweaks do you do to SSH? All I usually do is disable protocol 1 > fallback. Is there anything else that I should be doing?
That and disable root access and allow only dsa key authentication ( password = no I think is is called) I am simply paraniod. Seems like ther is something else but I am too fried to go diffing right now :( Bret _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
