Douglas Allan Tutty wrote in Article <[EMAIL PROTECTED]> posted to gmane.linux.debian.user:
> If I have two boxes, with two users, linked by ethernet and one box is > on dial-up to the ISP, with nothing listening on external ports except > the ntp daemon, what is a reasonable stance on security? Probably, yes. > Given that anyone who breaks into the house will have physical access to > the consoles anyway, do I need a whiz-bang long root password, strong > passwords on the regular uses, and all the other hypervigalance? Yes. It's not necessarily what's on the machine, but how it's resources can be abused. Most spam is sent from compromised systems of various types. > If ssh isn't even listening on external interfaces, does it matter if I > allow root to ssh (useful for rsyncing backups between the boxes)? I would recommend against allowing root ssh just in case. It's not that hard to sudo anyway. -- Paul Johnson Email and IM (XMPP & Google Talk): [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
