l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
April 21: Google Glass
Next Installfest:
TBD
Latest News:
Mar. 18: Google Glass at LUGOD's April meeting
Page last updated:
2001 Dec 30 17:06

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Attempted access -- I think
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Attempted access -- I think



jdnewmil@dcn.davis.ca.us wrote:
> 

> 
> ftp passes usernames and passwords in plaintext.  The only valid use of
> ftp in an unsecured environment is anonymous access to public files.  If
> they sniff you ftp'ing in, and your telnet or ssh ports are open to the
> outside, they can then log in as you, from which position there are
> numerous ways to obtain the root password.
> 
> If you really need external access to private files, use scp via ssh v2.
> 
It's there mostly to move files to and from the kids' machine, which
also has our financial stuff on it.  I've just never gotten around to
writing a rule to block access from outside.  One more thing on the
list.

> >

> > I think I will leave sunrpc,
> 
> in your configuration I see no reason to.  It is like finger... a way for
> outsiders to scope you out.
> 
It's compiled into the kernel as part of sysctl.  I am not about to
rebuild the kernel just yet, so it will have to wait.

 
> It is a basic "cat >/dev/null" service.  Probably not dangerous, but there
> is no reason why it should be enabled either.

Well, I guess I just have to figure how to get rid of it.

Cam

-- 
Cam Ellison Ph.D. R.Psych.
>From Roberts Creek on B.C.'s incomparable Sunshine Coast
camellison@dccnet.com
cam@fleuryassociates.com


LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!