Re: same root and user password by default
bug1 wrote:
> Thoughts ?
There's lots of ways a user can unwittingly leak out their user password --
they telnet or ftp into their machine for instance, and the attacker
sniffs the wire.
If I were cracking a Debian machine, and I had cracked user id 1001 by
getting ahold of the passowrd, the very first thing I would do is try
the password on the root account. I'll bet it'd already work a fair percent
of the time. No need to raise that percentage..
--
see shy jo
Reply to: