Re: [Fwd: User account ( hacked ) of FC6 System]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thursday 08 February 2007 11:36:21 Les wrote:
> On Thu, 2007-02-08 at 13:36 +0800, edwardspl@xxxxxxxxxx wrote:
> > Les Mikesell wrote:
> > > edwardspl@xxxxxxxxxx wrote:
> > > > Tom Spec wrote:
> > > > > What do you mean by "solution"?  Do you want to stop people from
> > > > > logging in when they have the correct password?
> > > > >
> > > > > You should make your passwords strong enough so that people
> > > > > cannot (easily) guess/hack them.
> > > > > Don't allow people to log in as root remotely.
> > > > > You can limit where people can log in from by using iptables.
> > > > >
> > > > > Tom
> > > >
> > > > If there is ssh-telnet service for user...
> > > > Then is there a solution to fix the problem of hack ( although
> > > > someone who know the user's password, but they can't modify /
> > > > delete any profile files, so the user who can login to the server
> > > > nect time again ) ?
> > > > eg : limit user profile ( user account ) ?
> > > > if so, how to do this ?
> > > >
> > > > Edward.
> > >
> > > I think the real solution is to teach your user that it is important
> > > not to let others know his password if he hasn't figured that out
> > > himself yet.  And if others do need this access they should have
> > > their own accounts instead of being able to pretend to be someone
> > > else.
> >
> > Hello,
> >
> > But I think the user account ( profile files ) is also problem, so, I
> > want to know how limit the related files ( including the dot file ) !
> >
> > Edward.
> > --
>
> The only thing that the system "knows" about the user is the username
> and password.  If those are correct, as far as the computer is concerned
> the person driving the keys is supposed to have that level of access.
> There are other security methods that could be installed and used, such
> as key cards, randomizer tokens to choose periodic random passwords in
> sync with a randomizer server, or personal ID things such as fingerprint
> scanners or even facial recognition o name a few.  But these
> technologies are still quite new and the cost of implementation such
> scanners is quite high.
>
> Regards,
> Les H

Don't know if someone has already talked about it or not during the whole 
thread.
But...what if the user account which was hacked had some ssh-keys on it .ssh/
It might be stolen :-)

Just to keep this thread alive :-)

-- 
Un saludo,

        Manuel Arostegui
        Tecnico de Sistemas
        c/ Marques de Monteagudo 15, 4 -  28028 Madrid
        Tel. 91.1838494 - Fax. 91.1838495 - http://www.artica.es
        GNUPG Key  http://www.artica.es/gnupg/marostegui.asc

Este e-mail es confidencial y destinado únicamente a la  persona a la cual va
dirigido. Si Ud. no es el destinatario al cual va dirigido este e-mail o lo
recibe por error, queda advertido que cualquier uso, difusión, impresión o
copia de este mensaje está estrictamente prohibido. Si lo ha recibido por
error, por favor, notifíquelo al remitente del mensaje.


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux