[prev in list] [next in list] [prev in thread] [next in thread]
List: clamav-users
Subject: RE: [Clamav-users] clamav user password
From: Kenneth Byrne <kbyrne () espatial ! com>
Date: 2006-02-23 17:07:13
Message-ID: 5F8F382AE551D611BF6100508BF38146019B893E () essex01 ! ess ! com
[Download RAW message or body]
> -----Original Message-----
> From: Damian Menscher [mailto:menscher@uiuc.edu]
> Sent: 23 February 2006 16:46
> To: ClamAV Users
> Subject: [Clamav-users] clamav user password
>
> Just saw in my logs a couple of the password-guessing ssh bots were
> making attempts at the clamav user's password. Everyone please make
> sure you have locked this account!
>
> (Sorry to bother all of you for whom this is common sense,
> but I'm sure
> it'll wake up someone on this list. Oh, and please don't go
> onto some
> OT thread about running ssh on some high-numbered port, or disabling
> password auth, or using port-knocking.)
This really isn't anything new, it would be helpful if you told those
who didn't know about this how to lock the accounts:
At the very least service accounts like apache/clamav/amavisd etc should
always
be added to DenyUsers in the your relevant sshd_config and/or have a
/bin/false
or /sbin/nologin shell entry in /etc/passwd .. unless theres a very good
reason
for requiring a shell login.
Regards,
Ken
_______________________________________________
http://lurker.clamav.net/list/clamav-users.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic