[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian Server restored after Compromise

On 7/13/06, Bas Zoetekouw <bas@debian.org> wrote:
Hi Martin!

You wrote:

> Debian Server restored after Compromise

Kudos to debian-admin for sorting out the situation so quickly!


> An investigation of developer passwords revealed a number of weak
> passwords whose accounts have been locked in response.

That's not good.
Should we maybe implement a stricter password policy?  Or maybe only
allow pubkey ssh authentication?

I agree. pubkey ssh auth only, at least in servers with some core
services. I think the servers to support porters can be more flexible,
their downtime could hurt just one port and won't taint other services
nor the archive - not that this happened with gluck.

Btw, the exact compromised account was identified and locked too?

-- stratus

Reply to: