Hello list, I recently came across a posting by an individual who got his Debian machine compromised due to a number of security problems, one of which was the default installation and running of sshd with "PermitRootLogin = Yes". in /etc/ssh/sshd_config.
So I checked the Debian installation that I put on my laptop a month ago (from the Wheezy net install CD), and sure enough I had the same vulnerability (I fixed it by changing the "PermitRootLogin" value). Fortunately I have been running behind my router, and remain unscathed, but it caused me to wonder what other vulnerabilities are present out of the box that I need to address, especially if I should take the laptop out with me and connect to a public network. Besides the sshd root login, what else do I need to disable/fix on this machine? Thanks, Jon -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/52e7310a.1050...@q.com
