Re: how to react on ssh attacks?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: Re: how to react on ssh attacks?
From: Les Mikesell <lesmikesell@xxxxxxxxx>
Date: Tue, 25 Oct 2005 13:33:17 -0500
In-reply-to: <1130258582.8020.12.camel@xxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:[email protected]?subject=help>
List-id: For users of Fedora Core releases <fedora-list.redhat.com>
List-post: <mailto:[email protected]>
List-subscribe: <https://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=subscribe>
List-unsubscribe: <https://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=unsubscribe>
References: <435CAE21.3020701@xxxxxxxx> <1130199979.21686.56.camel@xxxxxxxxxxxxx> <1130204010.10289.29.camel@xxxxxxxxxxxxxxxxxxxxx> <04d501c5d904$e3393180$1e00a8c0@prvd321> <Pine.LNX.4.64.0510242052200.3094@xxxxxxxxxxxxxxxx> <1130258582.8020.12.camel@xxxxxxxxxxxxxxxxxxxxx>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>

On Tue, 2005-10-25 at 11:43, Michael A. Peters wrote:

> Furthermore, if you ssh in as root - there is no accountability.
> If you ssh in as a user and then su to root, that action is recorded in
> the log files - and you know who logged into root and when.

Well, sort-of.  After su-ing to root, that person has the
ability to alter the logs - and the programs you might use
to view the logs.

-- 
  Les Mikesell
    lesmikesell@xxxxxxxxx

Follow-Ups:
- Re: how to react on ssh attacks?
  - From: Joel Jaeggli

References:
- how to react on ssh attacks?
  - From: Stephanus Fengler
- Re: how to react on ssh attacks?
  - From: Jeff Vian
- Re: how to react on ssh attacks?
  - From: Michael A. Peters
- Re: how to react on ssh attacks?
  - From: Danny Terweij - Net Tuning | Net
- Re: how to react on ssh attacks?
  - From: Joel Jaeggli
- Re: how to react on ssh attacks?
  - From: Michael A. Peters

Prev by Date: Re: bash trick - prefixing a command?
Next by Date: Re: bash trick - prefixing a command?
Previous by thread: Re: how to react on ssh attacks?
Next by thread: Re: how to react on ssh attacks?
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]