Linux Users' Group of Davis (LUGOD)
 
Page last updated:
2002 Jun 11 18:42

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Re: [vox] Who opened the floodgates?



begin Ryan <ryan@mother.com> 
> On Monday 10 June 2002 08:16 pm, Rusty Minden wrote:
> > Actually one had a concern about getting LINUX cracked into :-) A sysadmin
> > told him it was not secure. Peter set him on the right track though. I was
> > surprised to see the three RSVPs myself, but also very happy. We have 6
> > RSVPs so far. Please let people know about the InstallFest and if you can
> > come out please do so. I may RSVP myself if I can not figure out NVIDIA
> > with Woody soon :-(
> 
> A bunch of insecure unneeded services will get any OS h4x0r3d, but that's 
> partly what the installfests are for, to make sure people aren't going to 
> mess things up and let the script kiddies run rampant on an insecure default 
> install. cough*redhat*cough

** warning: i'm about to challenge conventional wisdom


i don't mean to pick on you, ryan...  i've had this conversation with
lots and lots of people...

there's always a "but", isn't there?   ;-)


it's sad when i see otherwise pretty informed people repeat the
knee-jerk reaction about security.

just because you leave on fingerd does NOT mean that vicious and
salivating hackers are about to pounce unmercifully on your system.

just because you leave statd running doesn't mean a huge crack is
imminent.

am i advocating that we all turn on every service?  of course not.
but let's not freak to the point of being wrong.

when it comes down to it, 3 things and 3 things only make a home system
secure:

1. good passwords
2. not using plaintext authentication
3. being careful about CGIs.

if you follow these three steps and leave on a service, even a service
with a bad track record like nfs or pserver, i'd bet you'd still be OK
to guard a home system.

good enough for modem?  definitely.

good enough for DSL?  probably.

turning your services off is trivial and takes a second to do, so it's
stupid not to turn off unnecessary services.  but just because you don't
doesn't mean the sky is falling...  for the home system, the default
redhat installation is good enough for modems.  prolly good enough for
broadband connection systems too.

pete
_______________________________________________
vox mailing list
vox@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox


