Quoting Brian E. Lavender (brian(a)brie.com):
> Gary,
> You were running Fedora 13?
> If so, _that_ is likely a big problem. Fedora 13's initial release was
> May 25, 2010, and it was EOLed on June 24, 2011.
Because Fedora. If you don't want to keep moving to newer versions,
it's about the worst possible distro. (But it's possible Gary meant
that he did _original_ installation 15 years ago, but has been following
the recommended upgrade treadmill^W path.
Linus Sphinx wrote:
You know, I have a _lot_ of things to be grateful for, and somewhere on
the list is the glad tidings that I don't need to rely on
Bleepingcomputer.com for IT information.
> Over the past 1.5 months since its discovery, the new botnet used
> over 3,500 unique IPs worldwide to scan and attempt brute-forcing Linux
> SSH servers.
> [...]
> The SSH brute-forcing relies on a list of credentials downloaded from
> the [command and control server]. [...]
*snore*
So, doorknob-twisting for "joe accounts", like user=service
password=manager and like that.
Guesstimate the math, and measure the lengthy setup and teardown times
for remote connections to an sshd, and you'll find that
dictionary-attacking an sshd with any reasonable rule set about
password quality and length is going to take an appreciable fraction of
the time to the heat death of the universe to succeed.
I mentioned upthread that a lot of IT advice comes from gadget freaks.
The _other_ common problem is that most security _articles_ are
copy-pasted press releases from security/antimalware firms.
So, they're big on shock-horror, and small on conveying understanding.
I've only quick-glanced at this article about enforcing password policy
via PAM, so won't swear to it being a good one:
https://www.techrepublic.com/article/controlling-passwords-with-pam/
Of course, if you're the -only- user, you ought to stick to decent
passwords without PAM forcing you to. (Also, a user who can su to
root has the power to overrule PAM. But if you do that, you have only
yourself to blame for consequences.)
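Carrying the "guesstimate the math" argument above through as an added example (not code from anyone in this thread): it takes the 3,500-IP botnet figure from the quoted article and assumes, as constructed inputs, about one second of connection setup/teardown per SSH session, six guesses per connection (sshd's MaxAuthTries default), a 10,000-entry "joe account" credential list, and a 10-character mixed-case alphanumeric password as the comparison case.

```python
# Added example: rough expected-time estimate for credential guessing
# against sshd, to show why "joe accounts" fall instantly while a decent
# password does not. Inputs marked as assumptions are constructed.

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def attempts_per_second(hosts: int, attempts_per_connection: int,
                        connection_seconds: float) -> float:
    """Aggregate guess rate for `hosts` attackers, each paying
    `connection_seconds` of SSH handshake/teardown per connection and
    getting `attempts_per_connection` guesses before sshd drops it."""
    return hosts * attempts_per_connection / connection_seconds


def expected_seconds(candidates: int, rate: float) -> float:
    """Expected time to hit the right password when it is equally likely
    to be any of `candidates`: on average half the space is tried."""
    return candidates / 2 / rate


def describe(seconds: float) -> str:
    """Human-readable duration for the two very different scales involved."""
    if seconds < 60:
        return f"{seconds:.2f} seconds"
    if seconds < SECONDS_PER_YEAR:
        return f"{seconds / 3600:.1f} hours"
    return f"{seconds / SECONDS_PER_YEAR:,.0f} years"


def scenario() -> dict:
    # Assumptions: 3,500 IPs (from the quoted article), ~1 s per connection,
    # 6 guesses per connection (sshd MaxAuthTries default).
    rate = attempts_per_second(3500, 6, 1.0)
    joe_list = 10_000        # assumed size of a service/manager-style list
    real_space = 62 ** 10    # 10 chars from [A-Za-z0-9]
    return {
        "rate": rate,
        "joe_seconds": expected_seconds(joe_list, rate),
        "real_seconds": expected_seconds(real_space, rate),
    }


if __name__ == "__main__":
    s = scenario()
    print(f"aggregate rate: {s['rate']:.0f} guesses/s")
    print(f"joe-account list: {describe(s['joe_seconds'])}")
    print(f"10-char alphanumeric: {describe(s['real_seconds'])}")
```

Lowering MaxAuthTries or rate-limiting new connections shrinks `rate` further, but the estimate already shows the order-of-magnitude gap the post is pointing at.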