Hi,I want to make ssh access to my system more secure and wonder what the best policy is?What I am thinking about is disabling root access and passwords altogether so one can only acces... [by themarvin2k]
on 02/16/2010 – Made popular on 02/16/2010
SSH is a great way to gain remote access to your computer. When you open the ports on your router (port 22 to be exact) you can not only access your SSH server from within your local network, but from anywhere in the world. However, you don't want to risk using a weak password for authentication.
Ive had some help setting up a vnc network at work so one computer can access another, for the sake of tech support, although after googling about vnc I wanted to test how secure it is from people with physical access to the machine, I was able to get the passwd file for vnc easily without root privilidges and the vnc man pages say that the password can be obtained from that, how is this done?
My friend has found a bug with sudo.
His organization has Linux laptops with no root access to users. Policy pushing is through Puppet.
twice he is able to access root.
Do you guys have any clue, how's that possible, usually
We have recently gotten a new system delivered to us. It's a standard Server 2008 and Windows 7 server-client solution with some tightened security. One of the new security policies have caused a little ruckus among us administrators.
The written policy stipulates that when sharing a resource (file or something) we must now set security on both NTFS and the share.
I have to access a certain set of Linux machines where control is governed by VPN access, and passwords on the individual systems are effectively not kept secure or secret (security through obscurity).
I have recently started work in application security at a mid-sized firm, having transitioned away from 5+ years in security consulting (pentesting, etc). One of the biggest challenges I see here from the start are that security scanners and other tools use root/Administrator access, since that is what vendors had told them to use, most likely because of the ease of configuration.