Cosmin Nicolaescu on 26 Apr 2005 15:48:43 -0000
On Tue, April 26, 2005 11:28 am, Art Alexion said:
> I have a system that uses 'sudo <command>' instead of 'su', though I
> have created a real root account in addition. Does this create a
> greater risk for root break-ins?
>
> Chris wrote:
>

Using sudo or su does have some connection to the issue, but not that much. The disadvantage of sudo is that if a user on your server is cracked, and the cracker knows the password, he can use that password for whatever sudo commands the compromised user is allowed to execute. Make sure you don't have any important commands that have 'NOPASSWD'. I restricted my system to using sudo, and only people in a certain group can actually execute /bin/su.

Hope this helps,
-Cos

--
GPG key fingerprint = DE9F 4664 E666 2BD1 903E 4F4D EA31 5FB1 C7F9 08C1

___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
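Added example, not part of the original message: a small shell audit for the two points raised in the reply, listing sudoers rules tagged `NOPASSWD` and testing whether a file mode leaves `su` executable by users outside its group. The function names and the sample policy are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample policy (not taken from any real system).
SAMPLE_SUDOERS='# constructed sample policy
root    ALL=(ALL) ALL
%wheel  ALL=(ALL) ALL
# carol ALL=(ALL) NOPASSWD: ALL
backup  ALL=(root) NOPASSWD: /usr/bin/rsync
bob     ALL=(root) NOPASSWD: /usr/sbin/service nginx restart, \
                   /bin/su'

# Read sudoers text on stdin and print every active rule carrying NOPASSWD.
# Backslash-continued lines are joined first, so a command hidden on a
# continuation line (bob's /bin/su above) is reported with its rule.
# Lines starting with '#' (comments, include directives) are skipped.
find_nopasswd() {
    awk '
        { line = buf $0; buf = "" }
        /\\$/ { sub(/\\$/, "", line); buf = line; next }
        line ~ /^[ \t]*#/ { next }
        line ~ /NOPASSWD[ \t]*:/ { gsub(/[ \t]+/, " ", line); print line }
    '
}

# Succeed if an octal mode string (e.g. from GNU `stat -c %a /bin/su`) has the
# execute bit set for "other", meaning su is NOT limited to owner and group.
world_executable() {
    case "$1" in
        *[1357]) return 0 ;;
        *)       return 1 ;;
    esac
}

# Run the audit over the constructed sample.
audit_sample() {
    printf '%s\n' "$SAMPLE_SUDOERS" | find_nopasswd
}

audit_sample
# On a real host (as root), assuming GNU stat:
#   cat /etc/sudoers /etc/sudoers.d/* | find_nopasswd
#   world_executable "$(stat -c %a /bin/su)" && echo "su open to all users"
```

On the sample this reports the `backup` and `bob` rules; the `bob` rule is the kind to remove, since passwordless `/bin/su` gives a root shell to anyone who takes over that account, with or without the password.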