Re: PermitRootLogin enabled by default

To: Christian Egli <christian.egli@wyona.com>
Cc: Simon Kirby <sim@netnation.com>, Debian-Security <debian-security@lists.debian.org>
Subject: Re: PermitRootLogin enabled by default
From: John Galt <galt@inconnu.isu.edu>
Date: Wed, 26 Jun 2002 18:19:12 -0600 (MDT)
Message-id: <[🔎] Pine.LNX.4.44.0206261818020.5070-100000@inconnu.isu.edu>
Mail-followup-to: galt@inconnu.isu.edu
In-reply-to: <[🔎] 87sn3aqdqn.fsf@wyona.com>

That's how monkey.org got taken over--they SCREENed a su, and the attacker 
reattached it after getting as user via EPIC...

On 26 Jun 2002, Christian Egli wrote:

>
>Simon Kirby <sim@netnation.com> writes:
>
>> Using "su root" later is worse than just logging in as root with a key.
>
>I cannot understand why using "su root" later would be worse. Can you
>enlighten me?
>
>

-- 
FINE, I take it back: UNfuck you!

Who is John Galt?  galt@inconnu.isu.edu, that's who!

-- 
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: PermitRootLogin enabled by default
  - From: Alvin Oga <aoga@Maggie.Linux-Consulting.com>

References:
- Re: PermitRootLogin enabled by default
  - From: Christian Egli <christian.egli@wyona.com>

Prev by Date: Re: openssh packages not vulnerable
Next by Date: Re: PermitRootLogin enabled by default
Previous by thread: Re: PermitRootLogin enabled by default
Next by thread: Re: PermitRootLogin enabled by default
Index(es):
- Date
- Thread