On Wed, Dec 08, 2004 at 10:15:23PM -0600, Ken Fuchs wrote: > "Matthew S. Hallacy" wrote: > > >If you really want to secure your system: > > > >1) stop using passwords entirely (use RSA/DSA keys) > >2) filter ssh access to only known hosts (where possible) > >3) Disable protocol 1 backwards compatibility > >4) Disable authentication methods that you do not use, kerberos, rhosts, etc. > >5) keep your sshd up to date > > You forgot: > > 6) Disable remote root login. > 7) Disable sudo. > 8) There are more, but I've said enough already. :) You forgot: 9) unplug network cable 10) unplug power cable -- trammell at el-swifto.com 9EC7 BC6D E688 A184 9F58 FD4C 2C12 CC14 8ABA 36F5 Twin Cities Linux Users Group (TCLUG) Minneapolis/St. Paul, Minnesota _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota Help beta test TCLUG's potential new home: http://plone.mn-linux.org Got pictures for TCLUG? Beta test http://plone.mn-linux.org/gallery tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list