Hi Matt, I agree, I was only using telnet for local access (should have been stopped at the firewall) but now I use SSH for ALL access to my servers. I also rotate my root passwords (and any account with wheel access) :o) I have learnt alot about *nix from my home server :o) Regards, Kat. ____________________________________________________________________________ /"\ ASCII Ribbon Campaign | K.A.Q. Electronics \ / - NO HTML/RTF in e-mail | Software and Electronic Engineering X - NO Word docs in e-mail | Perth Western Australia / \ | Ph +61 419 923 731 ____________________________________________________________________________ ----- Original Message ----- From: "Matt Pobursky" To: Sent: Saturday, January 19, 2002 12:37 PM Subject: Re: [OT]: Which Unix ? (was Re: [OT]: What is Windows XP?) Kat, If you MUST do remote access on your *nix box, never use Telnet -- use ssh2 instead. It's encrypted and secure (well, as secure as anything gets -- nothing is totally crack-proof!) Anytime someone asks me to take a look at their Linux boxes, the first things I make sure to do is turn off all unused services, kill Telnet and wu-ftp. Those steps alone keep most linux boxes reasonably secure. (wandering off course a bit) My very first Linux box (Redhat 6.1) was cracked through a wu-ftp exploit. I had read about it, so I pulled the network plug to the internet router and proceeded to see if I could crack my own box from a local machine. It took about 10 minutes and I had root access! It was the wee hours of the morning by then, so I made a mental note shutdown wu-ftp and disable it before I went to bed. I already had downloaded ProFTP to replace it. The next morning I got up and saw that the link light for my server was not "on", so not thinking clearly I plugged the network cable into the router. About noon, I went back to the server area and saw the activity light for the server link going crazy. Knowing that the ftp and web server should be "down", I thought it was odd that there was so much network activity going on. Then I remembered... I quickly checked my logs and found that someone had used the same wu-ftp exploit and had cracked my box only minutes earlier!!! D'OH!!! So I quickly pulled the plug again, gathered all the log files (the cracker had not had time yet or was too stupid to cover his tracks) and sent them off to his ISP's abuse department. The next day I got an email from them saying his cable modem account had been terminated. So at least some good came of it. After a fresh install, all was well and the server was up and running for over a year with no security breaches. Linux systems are only as secure as their administrators make them... Matt Pobursky Maximum Performance Systems On Sat, 19 Jan 2002 10:38:47 +0800, Kathy Quinlan wrote: >Ok, > >I love FreeBsd, it is yet to let me down (I let me down the last >time, ended up in hospital the day a major bug was found and my >box got hacked through telnet :o(( ) > >I found FreeBSD to be the easiest to install. > >Regards, > >Kat. > >_________________________________________________________________ >___________ /"\ ASCII Ribbon Campaign | K.A.Q. >Electronics \ / - NO HTML/RTF in e-mail | Software and >Electronic Engineering X - NO Word docs in e-mail | >Perth Western Australia / \ >| Ph +61 419 923 731 >_________________________________________________________________ >___________ > > >----- Original Message ----- >From: "John Ferrell" To: > Sent: Saturday, January 19, 2002 7:25 >AM Subject: Re: [OT]: What is Windows XP? > > >> As soon as I can migrate off this machine, >>Format/fdisk/reload, & migrate back I will have a machine >>available to give Linux. It may take 30 to 60 days. >> The questions: >> >> Where do I start? What version/flavor do I get and where >>should I get it? >> How much machine is needed? memory/speed/disk? >> What are the trade offs? >> >> I am asking here because I think a PIC list answer will be >>more accurate than on a Linux group! >> >> John Ferrell 6241 Phillippi Rd Julian NC 27283 Phone: >>(336)685-9606 Dixie Competition Products NSRCA 479 AMA 4190 >>W8CCW "My Competition is Not My Enemy" >> >> >> >> ----- Original Message ----- >> From: "Dale Botkin" To: >> Sent: Friday, January 18, 2002 5:05 >>PM Subject: Re: [OT]: What is Windows XP? >> >> >> > On Fri, 18 Jan 2002, Herbert Graf wrote: > > > Hehe, I've >>got a Linux machine acting as a router on my network and >the >> only > > time I have to reboot it is when power goes out! So >>far my uptime is: > > > > 08:36:55 up 125 Days (3006h) >> > > > > I guess that's how long it's been since my last power >>outage! :) TTYL > > Had mine up to 300+ at the old house... >>it was on a UPS. >>It's my >router, >> > firewall, SMTP, DNS, Web, POP3, SQL and everything else >>server, as well >as >> > where I do some code testing. Right now it's 80 days and >>counting. >> > > Dale > > -- >> > http://www.piclist.com hint: The list server can filter out >>subtopics > (like ads or off topics) for you. See >>http://www.piclist.com/#topics > > >> >> -- >> http://www.piclist.com hint: The list server can filter out >>subtopics (like ads or off topics) for you. See >>http://www.piclist.com/#topics >> >> > >-- >http://www.piclist.com hint: The list server can filter out >subtopics (like ads or off topics) for you. See >http://www.piclist.com/#topics > > > -- http://www.piclist.com hint: The list server can filter out subtopics (like ads or off topics) for you. See http://www.piclist.com/#topics -- http://www.piclist.com hint: The PICList is archived three different ways. See http://www.piclist.com/#archives for details.