---

Byte.com: Increasing Your Masquerading Gateway Security

“But just a few extra lines of code can make your machine much
more immune to attack. Before we can implement them, however, we
need to look at how a hacker could break through your simple
firewall.”

The task is trivial, of course, if you have left the door
open. The first thing a hacker will do is to check if you have
bothered to implement passwords on all the common administrator
handles.

“Hackers will try to login to TELNET as admin, and the host of
other user-IDs listed in your /etc/passwd file. If that fails,
there are several programs they will use to try to log in with a
dictionary of common passwords. When the program is set running it
looks sequentially through its database of most common passwords
trying to log in as root or any other known user name. It is
amazing how often this technique works. Several years ago one of my
colleagues managed to crack nearly all of the passwords in our
staff mail server.”

Complete
Story