On Thu, 18 Jun 2009, Pamela J. Ashworth (webmail) wrote:
> thanks. Jay was going thru the logs last night but I didn't get a full
> report as it was late. He did change the unbelievably stupid password and
> also disallow anyone from logging in as root over ssh and scp. (scp is
> going to be a problem, I just know it.
I have the router translate port 567 external -> port 22 internal and do
nothing with 22 external, so whenever I log into my machine I have to use -p
567. Won't stop those attackers who do a port scan, but it weeds out the
script kiddies who try 22 then give up. So you're selecting a slightly
brighter class of attackers.
And yeah, disabling root logins over ssh/scp is a really good idea. That
way they have to guess three things (your login name, your password, and the
root password) to get root access instead of just one (the root password).
> anyway, hopefully he will come and investigate some more. it's actually
> time to upgrade several things, but he's been putting it off. and before
> we know it, it will be September, at which time it will be a royal pain to
> mess with the OS on a DVR. (it's just that every time he upgrades - things
> break - for weeks)
As soon as the S-video -> component adapters arrive AGAIN (so I can have
color) I'll try to learn enough about MythTV to get my [AN]TSC tuner card to
work with it. Gah.
--
-eben QebWenE01R@vTerYizUonI.nOetP royalty.mine.nu:81
If you need someone to blame
Throw a rock in the air
You'll hit someone guilty -- U2, _Zooropa_, "Dirty Day"
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 20:18:13 EDT