[CLUE-Tech] enabling ftp
rfrank
rfrank at rfrank.net
Sat Mar 17 09:37:03 MST 2001
On Saturday 17 March 2001 08:49, Ian wrote:
> I can't say this enough. TURN OFF FTP ASAP!!!!
Okay I disabled ftp (but not telnet). I commented out the lines for
ftp and ftp.data in /etc/services. Is telnet as risky? I guess with ssh
I don't need either one of them.
> Especially since your on a cable modem (Road Runner?). It is amazingly
> easy to snoop on the Cable modem network to capture cleartext login
> passwords.
I'm on Sprint Broadband service. I've heard that cable modems are
easily snooped, but I haven't heard if wireless Broadband connections are
susceptible. I'm guessing not.
> That was how I originally got compromised. I went down the same path that
> you are with how to secure your box. First I'll get ftp.. then I'll get
> apache.. then I'll get ssh.. then I'll put a firewall up. Wrong order..
Okay so now the order is ipchains, then ssh. OpenSSH seems to be
preferred. But that means I'll have to put new software on any machine
that needs to get to my site. A small price, I guess, for security.
Roger Frank
More information about the clue-tech
mailing list