Computer Science Security Alerts
To be emailed any new alerts as they appear, or to cease being emailed such alerts, send email to securityalerts-request@cs. These can also be obtained via an Atom or RSS feed.

Tue, Apr 21, 2009

Defending against SSH password guessing attacks
If you run an SSH server on your computer so that you can log into it from outside, please make sure that all your accounts, particularly system ones like "root", have strong, hard-to-guess passwords, not short passwords or passwords based on dictionary words or names. Increasingly, many compromised machines on the internet are being used to try to connect to any SSH service they can find, using guessed logins and passwords. If you have SSH running on your machine, make sure all your passwords are hard to guess.

/advice     permanent link

CSLab Support Page
To be emailed any new alerts as they appear, or to cease being emailed such alerts, send email to securityalerts-request@cs. These can also be obtained via an Atom or RSS feed.

Blosxom

[Valid HTML 4.01 Transitional] [Valid RSS] [Valid Atom]