On Wed, Dec 08, 2004 at 10:15:23PM -0600, Ken Fuchs wrote:
> "Matthew S. Hallacy" wrote:
> 
> >If you really want to secure your system:
> >
> >1) stop using passwords entirely (use RSA/DSA keys)
> >2) filter ssh access to only known hosts (where possible)
> >3) Disable protocol 1 backwards compatibility
> >4) Disable authentication methods that you do not use, kerberos, rhosts, etc.
> >5) keep your sshd up to date
> 
> You forgot:
> 
> 6) Disable remote root login.
> 7) Disable sudo.
> 8) There are more, but I've said enough already. :)

You forgot:

9) unplug network cable
10) unplug power cable

-- 
trammell at el-swifto.com  9EC7 BC6D E688 A184 9F58  FD4C 2C12 CC14 8ABA 36F5
Twin Cities Linux Users Group (TCLUG)      Minneapolis/St. Paul, Minnesota

_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
Help beta test TCLUG's potential new home: http://plone.mn-linux.org
Got pictures for TCLUG? Beta test http://plone.mn-linux.org/gallery
tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list