[Hcoop-discuss] CGI/PHP script security

Davor Ocelic docelic at hcoop.net
Sun Nov 13 16:05:59 EST 2005


On Mon, Nov 07, 2005 at 10:28:33AM -0800, Chris Clearwater wrote:
> On Mon, 2005-11-07 at 09:18 +0530, Tanveer Singh wrote:
> > On 11/7/05, Adam Chlipala <adamc at hcoop.net> wrote:
> >         I don't think anyone has replied to this, so I'm not going to
> >         change anything about our set-up for now.
> > 
> > I was thinking about the argument of a DoS attack. We allow ssh to
> > hcoop. So an attacker can ssh as root and take over the entire server.
> > That is a bigger security vulnerability.
> 
> I am pretty sure the default configuration of ssh is *not* to allow ssh
> from root. Unless the admins explicitly enabled that option, I don't
> think that is true.

Well, logging in as root over telnet was disabled by default, but
Linux distributions as well as Debian do allow root login over
ssh by default.

We explicitly turned it off very early in the setup process.

Rgds,
-doc
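
An added example, not part of the original message or of HCoop's setup: a shell check for whether root login over ssh is explicitly turned off in an sshd_config-style file. The function names and the sample file are assumptions constructed for illustration; `PermitRootLogin` is the OpenSSH keyword that controls this.

```shell
#!/bin/sh
# Added example: audit the global PermitRootLogin setting in an sshd_config file.
# Assumptions: Include directives are not followed and Match blocks are not
# evaluated; on a live host, `sshd -T` reports what the daemon actually uses.

# Print the effective global value, or "unset" when the keyword never appears.
# sshd uses the first value it reads for a keyword, keywords are
# case-insensitive, and everything after the first Match line is conditional.
effective_root_login() {
    awk '
        { sub(/^[ \t]+/, "") }                 # drop leading whitespace
        $0 == "" || /^#/ { next }              # skip blank and comment lines
        { split($0, f, /[ \t=]+/); key = tolower(f[1]) }
        key == "match" { exit }                # global section ends here
        key == "permitrootlogin" { print f[2]; found = 1; exit }
        END { if (!found) print "unset" }
    ' "$1"
}

# Succeed only when root login is explicitly disabled. An absent keyword falls
# back to the OpenSSH default, which has varied across versions, so "unset"
# is reported as a failure rather than assumed safe.
root_login_disabled() {
    [ "$(effective_root_login "$1")" = "no" ]
}

# Constructed sample configuration (not taken from any real host).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample
Port 22
permitrootlogin no
PermitRootLogin yes
Match Address 192.0.2.0/24
    PermitRootLogin yes
EOF

if root_login_disabled "$sample"; then
    echo "OK: root login explicitly disabled (global section)"
else
    echo "FAIL: PermitRootLogin is '$(effective_root_login "$sample")'"
fi
rm -f "$sample"
```

The sample passes because the first `permitrootlogin no` line wins over the later `yes`; the Match block at the end is a conditional override that this check does not evaluate.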



