I'm completely over-reacting, but better safe than sorry IMO...
Yes exactly. And for the record you don't know as you're overreacting. Underreacting got this sucker into this regrettable impasse. No you never use remote login and if you do - you must understand what you do and don't do. And let's hope you don't have the root account enabled because in such case you just gave the intruders a halfway pass to your network.
SSH scans are very, very common on the 'net, and password dictionaries are used to try to attempt a break-in, in combination with "usual" names (root, admin, www, <English names>), and is called a brute-force attack.
This is what scares me. People don't know this stuff and they rig their own computers and they don't know what they're letting themselves into. People are getting hacked all the time through remote login and they don't grasp why this is such a terrible idea if you don't know what you're doing (and even sometimes when you do). The fact you have to explain basic things like brute force attacks - the fact people don't know what this is or worse, that they don't understand the other 99.9% of it - this is what scares me. Cowboys and indians becomes hackers and fanboys and finally Cupertino's Last Stand. Education is a defense. Hats off to those here who are helping.
if ssh is like other tools then Apple probably uses openssh, in which case you should try to see how far out of date the one in OS X is and see if any big vulnerabilities have been patched in the interim
Not again!
Wait....so your password is 10 digits, as in 10 numbers? And not characters. That would explain it. That's gotta be one of the easiest passwords to brute force
Yes but the hackers wouldn't know that.
I missed where someone claimed that OS X wasn't susceptible to brute-force "let me guess your password" hacks.
And I missed where someone said they knew for a fact this was a brute force attack.
Simple words of advice:
Never enable "root"
Don't allow SSH access
Keep all FileSharing stuff off....
.. until you're very sure of what you are doing.
Second that. Third it too.
This is a stupid statement.
It has nothing to do with the inherent security of Mac OS X.
No that is NOT a stupid statement. But your smug attack IS stupid. In addition to being smug and dangerous of course.
Your mention of "inherent security" of course begs the question "what inherent security" - or are you just another one of the inhabitants here who know a lot of buzzwords but have absolutely no experience in the field of security?
The original statement, perhaps poorly formulated, was instead begging the others here to stop thinking "smugly" - which is exactly what you are doing and evidently refuse to stop doing.
Yes, and I wholeheartedly agree...but this is *not* one of them. Leaving those services on all the time isn't a security flaw...you're leaving the door open asking for trouble.
Perhaps you're right - perhaps you're both right - but you don't yet know what happened to the victim's system so it's way too early to start assuming you know the attack vector.
Just as many vulnerabilities are in the 'UNIX layer'
All vulns are ultimately in the Unix layer.
I'll translate that for you since you have trouble understanding.
I don't think that type of hostility is called for in here.
I'm not sure what you mean by "enable root", as far as I can tell it is enabled by default.
No. From the rest of your post it's obvious you're very hazy on all this. I'd take a timeout and study things a bit.
And just so we are clear, SSH is nothing like having an open door.
That you do have right!
