From Security Wiki

This page contains guides and documentation for users and system administrators looking for security information.

For System Administrators

  • Configuring PAM with libcrack is the best way to avoid having user accounts compromised by SSH scanners. Implementing this prevents users from choosing easily guessable passwords by checking each new password against anything that Crack could discover. (An additional benefit is that your shadow file is also protected from attackers using Crack, although if they already have your password file, your system has probably been completely compromised already.)
  • Disable remote root SSH. Direct remote root logins used to be disallowed by default; OpenSSH now allows them by default. This document shows how to turn the capability off and explains why.

For Web Site Administrators and Programmers

For Users