On 7/13/06, Bas Zoetekouw <[EMAIL PROTECTED]> wrote:
> Hi Martin!
>
> You wrote:
>
> > Debian Server restored after Compromise
>
> Kudos to debian-admin for sorting out the situation so quickly!

Yes!


> > An investigation of developer passwords revealed a number of weak
> > passwords whose accounts have been locked in response.
>
> That's not good.
> Should we maybe implement a stricter password policy?  Or maybe only
> allow pubkey ssh authentication?


I agree: pubkey ssh auth only, at least on servers with some core
services. I think the servers supporting porters can be more flexible;
their downtime would hurt just one port and wouldn't taint other services
or the archive - not that this happened with gluck.

Btw, was the exact compromised account identified and locked too?

regards,
-- stratus
