Carlos Maltzahn wrote: > > Our passwords are going through the Internet in plain text. It's extremely > easy to snoop them and then login. Red Hat's user friendly admin tools > have the tendency to permit users to acquire root access among other > things. RH's distributions are so unsecure that our department > doesn't allow us to connect RH computers to the network inside the > firewall. Even _inside_ of a firewall? I know of one case where password snooping led to a security breach on a Solaris system. They used one-time passwords after that...pain. > I would recommend to put onsager behind a firewall and allow us to login > through the firewall using ssh or at least one-time passwords. UMass Lowell just doesn't seem so concerned about firewalls. Actually, I just set up a Web server at Boston College using Red Hat. But BC has this firewall set up for every system on the network that prevents every attempt to make a connection from the outside, which naturally blocks the Web server. I asked to have the firewall removed, and as nutty as they are about security, BC said all I have to do is disable finger and update sendmail. And the system administrator is a real Linux guru. He seemed to have little concern about using Red Hat. > > > Jeff, are you planning to give us some tulip-related web space on onsager? > > > > Anything you want. What did you have in mind? > > I will start working at a company two months from now and eventually lose > my CU account. At that point I'd like to have a neutral place for Paos. I > was thinking about putting it on onsager -- but it needs to be more secure > than it is now. I hate to discover one day that the Paos distribution > contains a Trojan horse or something else ugly. I would be honored to host PAOS. We'll get this security problem settled. > More generally, I think onsager is not a save repository for Tulip > development right now. Where do you think the biggest threat comes from, other developers or the occasional cracker? Jeff -- J.W. Bizzaro Phone: 617-552-3905 Boston College mailto:bizzaro at bc.edu Department of Chemistry http://www.uml.edu/Dept/Chem/Bizzaro/ --