cross-platform virus
Pete Ryland
pdr at pdr.cx
Sun Apr 9 09:57:04 BST 2006
On Sun, Apr 09, 2006 at 05:59:11 +1000, Sasha Tsykin wrote:
> Cybe R. Wizard wrote:
> >On Sun, 09 Apr 2006 12:17:13 +1000
> >Sasha Tsykin <stsykin at gmail.com> wrote:
> >
> >>I don't see why we should use sudo. It seems much more secure to just
> >>create an admin or root account, like almost every other Linux
> >>distribution in existence.
> >
> >Want to crack a box? Everyone has a root account, you only need to
> >crack the password. Want to crack an Ubuntu box? First, guess the
> >username, /then/ you can move to cracking the password. An extra
> >security step is involved wherein one doesn't even have something (root)
> >to start with. It's would take a hell of a dictionary attack to get a
> >strange username and password.
> >
> >Cybe R. Wizard
> the difference is not material. Enterprise servers always have root
> accounts, not sudo, and they are teh most secure machines available.
The more paranoid enterprises I've worked at had a policy of using sudo.
> Nice theory, not really applicable in practice.
We are talking theory anyway.
Pete
More information about the sounder
mailing list