On 17/11/11 12:14, Valdis.Kletnieks@xxxxxx wrote: > On Thu, 17 Nov 2011 18:50:12 +0100, Mario Vilas said: >> The guest account has no password, but it's not possible to login remotely >> with ssh. > > Well.. out of the box, anyhow. > > The problem is that if you install Ubuntu on a server (as lots of people do) > and enable ssh so you can remotely admin the server, you can find yourself > shot > in the foot if you don't realize there's a passwordless guest account. There is no guest account on an Ubuntu server, so at least there this is not a real/perceived risk. Cheers,
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/