On Wed, Sep 22, 2010 at 11:20:27 -0400, Donald Buchan malak@pobox.com wrote:
You're using the liveCD to do some system rescue work for a friend, and enable desktop control by an external source, say to work in tandem with someone else. Perhaps you even get an SSH server going. The system in question has valuable, at least to the owner, files on it. You have a direct internet connection and no router to "protect you behind a NAT", and your partner is at another location. A bot sniffs the IP and bang, gets in either by SSH root login, or VNC's into the desktop and starts up a terminal.
I had thought of that one, but I think the default is not to allow ssh logins for accounts without passwords.