sshd
mmarion at miguelito.org
mmarion at miguelito.org
Fri Jul 27 15:32:10 PDT 2001
On 27 Jul, Paul G. Allen wrote:
> negligent user, etc. There's also such thing as lousy passphrases ("cat",
> "dog", "dawg" come to mind) and incorrect permissions, as well as other
> issues (buffer overflows in ssh, ssl, rsaref).
Bad passphrases are user issues.. buffer overflows are fixed in new versions
(which is an admin issue... keep up with fixes) but I don't get the
permissions point. I can hand you my keyfile, but you still have to figure
out what the passphrase is... no, that wasn't a challenge. :P
BTW, I agree with what you said about most security issues being from inside.
Not only due to direct malicious deeds or screwups themselves, but due to
people just not following guidelines and opening new avenues for outsiders to
get in and cause their own mischief.
> Point taken though.
I think I was taking for granted the fact that most of us here have boxes that
would be considered by most people as firewalls. The vast majority of home
users won't so your point made that much more sense.
--
Mike Marion-Unix SysAdmin/Senior Engineer-Qualcomm-http://www.miguelito.org
[From the oxymoron dept]
"We fully support freedom of speech and freedom of the press, but we
believe the article ... is not acceptable,'' -- From a "Tongue Tied" article
at foxnews.com
More information about the KPLUG-List
mailing list