[Pipet Devel] new server up
Thomas.Sicheritz at molbio.uu.se
Thomas.Sicheritz at molbio.uu.se
Fri Mar 19 03:13:50 EST 1999
> > Tim has the idea... I don't quite agree with Carlos's assesment of
> > Red Hat's security flaws, but I don't think that matters if /etc/hosts.*
> > files were set up properly and only SSH, port 80, and perhaps anonymous
> > FTP were allowed from "unknown" hosts.
>
> Okay. We need someone to volunteer to be our anti-cracker.
>
> Tim? Carlos? Dave? Rahul?
>
I agree in RedHat being the least secure of all distributions - I switched
from Debian & RH to Suse on all of the departments and my personal
machines.
One of our fresh installes RH machines was on the net in 7 minutes before
the first successfull crack-in ... :-(
My policy here is
* restricted secure shell
* if ssh is not an alternative: tcp_wrapper protected telnet/ftp
and I do NOT close all ports - instead I wrapp/twist/fake them with tcp_wrapper
so that we get a chance to notice any cracking attempts; read script kiddies
(try to finger me at beagle.bmc.uu.se - I assure you we dont have users
named fritz or bertram)
* of course ... no rsh.rcp, rhost etc.
My suggestion is to (at least) wrap all open ports directly in inetd.
I fear that I have to stop looking at python and the sequence editor for a
while ... to many meetings and to many unwritten thesises (=1)
-thomas
--
Sicheritz Ponten Thomas E. Department of Molecular Biology
blippblopp at linux.nu BMC, Uppsala University
BMC: +46 18 4714214 BOX 590 S-751 24 UPPSALA Sweden
Fax +46 18 557723 http://evolution.bmc.uu.se/~thomas
Molecular Tcl: http://evolution.bmc.uu.se/~thomas/tcl
Molecular Linux: http://evolution.bmc.uu.se/~thomas/mol_linux
De Chelonian Mobile ... The Turtle Moves ...
More information about the Pipet-Devel
mailing list