[plug] hiding service banner

Craig Ringer craig at postnewspapers.com.au
Mon Aug 16 01:41:33 WST 2004


On Sat, 2004-08-14 at 20:51, Bernard Blackham wrote:

> On a similar note, there's an ssh worm going about that exploits
> user accounts with trivial usernames and passwords (like test/test,
> guest/guest, etc). I doubt it'd care what the banner said :)
> (albeit, obscuring your security by running sshd on a non-standard
> port would lessen the likelihood of you being hit, but you'd be
> silly to have an account test/test on a machine on the internet ...)

A good solution to this is to _require_ RSA keys for authentication. No
keys, no login. This is great if you have the sort of users who need to
write down their passwords ... when the password is their login name.

--
Craig Ringer
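
One way to check that a server really enforces the "no keys, no login" setup suggested above. This is an added example, not part of the original message: the sample configs are constructed, the function names are hypothetical, and the parser is a simplification that does not evaluate Include files or Match blocks.

```shell
#!/bin/sh
# Added example: does the global section of an sshd_config enforce key-only login?
# Simplified parser (assumption): Include files and Match blocks are not evaluated.
# Defaults used are upstream OpenSSH's (assumption; distributions may differ).

# effective_value KEYWORD_REGEX DEFAULT   (config text on stdin)
# sshd keeps the first value it reads for a keyword; keywords are case-insensitive.
effective_value() {
    awk -v key="$1" -v def="$2" '
        { sub(/#.*/, ""); sub(/=/, " "); gsub(/"/, "") }
        NF < 2 { next }
        tolower($1) == "match" { exit }      # global section ends here
        tolower($1) ~ ("^(" key ")$") { val = $2; exit }
        END { print (val == "" ? def : val) }
    '
}

# audit_key_only   (config text on stdin)
# Prints findings; returns 0 only when no password-style method is left enabled.
audit_key_only() {
    cfg=$(cat); rc=0
    [ "$(printf '%s\n' "$cfg" | effective_value pubkeyauthentication yes)" = yes ] ||
        { echo "FAIL: PubkeyAuthentication is not 'yes'"; rc=1; }
    [ "$(printf '%s\n' "$cfg" | effective_value passwordauthentication yes)" = no ] ||
        { echo "FAIL: PasswordAuthentication is not 'no'"; rc=1; }
    # With UsePAM, keyboard-interactive can still prompt for the account password.
    kbd='kbdinteractiveauthentication|challengeresponseauthentication'
    [ "$(printf '%s\n' "$cfg" | effective_value "$kbd" yes)" = no ] ||
        { echo "FAIL: keyboard-interactive authentication is not 'no'"; rc=1; }
    return "$rc"
}

# Constructed sample: the later "no" is ignored because the first value wins.
sample_weak() { cat <<'EOF'
#PasswordAuthentication no
passwordauthentication yes
PasswordAuthentication no
UsePAM yes
EOF
}
# Constructed sample: keys only.
sample_keys_only() { cat <<'EOF'
PubkeyAuthentication yes
PasswordAuthentication no
KbdInteractiveAuthentication no
UsePAM yes
EOF
}
for s in sample_weak sample_keys_only; do
    echo "== $s"; "$s" | audit_key_only && echo "OK: key-only login enforced"
done
```

On a live host, `sshd -T` prints the effective configuration after Include and Match processing and is the authoritative check.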



