Re: root account disabled by scanner

Jonathan Grymes · ‎05-07-2009

I recently had a scanner probe my HPUX system and it subsequently locked the root account. This was a legimate scan by my companys infosec group. The attempt occured mutilple times.
From syslog:
May 5 15:24:59 fgexsh41 sshd[19987]: error: PAM: Authentication failed for root from 150.114.112.123.
I have ssh configured to not permit root login. But the attempts disabled root. Is there a way to prevent root from locking by this kind of attack?

Steven E. Protter · ‎05-07-2009

Shalom,

Disable interactive login and force root login to use public keys.
http://www.hpux.ws/?p=19

This will force you to install public keys to permit root login.

It disables interactive login and solves the problem without compromising security.

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: root account disabled by scanner

root account disabled by scanner

Re: root account disabled by scanner