[CLUE-Tech] enabling ftp

Cyberclops Cyberclops at hawaii.rr.com
Sat Mar 17 13:42:19 MST 2001 

And where can you find "tripwire" again is this for Linux too?  I assume
it is.

ian wrote:
> 
> On Sat, Mar 17, 2001 at 09:37:03AM -0700, rfrank wrote:
> > On Saturday 17 March 2001 08:49, Ian  wrote:
> > > I can't say this enough.  TURN OFF FTP ASAP!!!!
> >
> > Okay I disabled ftp (but not telnet).  I commented out the lines for
> > ftp and ftp.data in /etc/services.  Is telnet as risky?  I guess with ssh
> > I don't need either one of them.
> 
> Yeah.. Both of them send stuff in cleartext.  It is very much worth the time
> to learn about the security implications of these tools.
> 
> Another thing is look into tripwire to monitor your system or something
> similar like an IDS system.  Just if your going to be always on the
> net.
> 
> > > Especially since your on a cable modem (Road Runner?).  It is amazingly
> > > easy to snoop on the Cable modem network to capture cleartext login
> > > passwords.
> >
> > I'm on Sprint Broadband service.  I've heard that cable modems are
> > easily snooped, but I haven't heard if wireless Broadband connections are
> > susceptible.  I'm guessing not.
> 
> Well I don't know what how the MMDS system works exactly.  Guess I should
> look into.  However most if not all of the wireless things have proven
> less than stellar in their security view.   I would be at least minimally
> paranoid about anything that is not in your direct control.  So that would
> fall into whenever information is left from your box at home and your
> remote box.  That connection in between is always suspect.
> 
> > > That was how I originally got compromised.  I went down the same path that
> > > you are with how to secure your box.  First I'll get ftp.. then I'll get
> > > apache.. then I'll get ssh.. then I'll put a firewall up.  Wrong order..
> >
> > Okay so now the order is ipchains, then ssh.  OpenSSH seems to be
> > preferred.  But that means I'll have to put new software on any machine
> > that needs to get to my site.  A small price, I guess, for security.
> 
> Just a suggestion from someone who was compromised.  Lock down the firewall
> first.  Then start opening things up.  One service at a time.  That way
> you can do snoops from outside (i.e. your remote box) to check the
> security.  Look at nmap and SATAN to run against yourself from your
> remote box to check and confirm that you only opened the service that you
> want and didn't accidently open up something else.
> 
> ian
> 
> _______________________________________________
> CLUE-Tech mailing list
> CLUE-Tech at clue.denver.co.us
> http://clue.denver.co.us/mailman/listinfo/clue-tech

More information about the clue-tech mailing list