[CLUE-Tech] enabling ftp

Brandon N bneill at yahoo.com
Sat Mar 17 16:37:52 MST 2001 

To find almost any Linux software, go to freshmeat.net

http://freshmeat.net/projects/tripwire/

there is a very good book about tripwire and other linux security
measures called, Linux System Security.

Brandon
--- Cyberclops <Cyberclops at hawaii.rr.com> wrote:
> And where can you find "tripwire" again is this for Linux too?  I
> assume
> it is.
> 
> ian wrote:
> > 
> > On Sat, Mar 17, 2001 at 09:37:03AM -0700, rfrank wrote:
> > > On Saturday 17 March 2001 08:49, Ian  wrote:
> > > > I can't say this enough.  TURN OFF FTP ASAP!!!!
> > >
> > > Okay I disabled ftp (but not telnet).  I commented out the lines
> for
> > > ftp and ftp.data in /etc/services.  Is telnet as risky?  I guess
> with ssh
> > > I don't need either one of them.
> > 
> > Yeah.. Both of them send stuff in cleartext.  It is very much worth
> the time
> > to learn about the security implications of these tools.
> > 
> > Another thing is look into tripwire to monitor your system or
> something
> > similar like an IDS system.  Just if your going to be always on the
> > net.
> > 
> > > > Especially since your on a cable modem (Road Runner?).  It is
> amazingly
> > > > easy to snoop on the Cable modem network to capture cleartext
> login
> > > > passwords.
> > >
> > > I'm on Sprint Broadband service.  I've heard that cable modems
> are
> > > easily snooped, but I haven't heard if wireless Broadband
> connections are
> > > susceptible.  I'm guessing not.
> > 
> > Well I don't know what how the MMDS system works exactly.  Guess I
> should
> > look into.  However most if not all of the wireless things have
> proven
> > less than stellar in their security view.   I would be at least
> minimally
> > paranoid about anything that is not in your direct control.  So
> that would
> > fall into whenever information is left from your box at home and
> your
> > remote box.  That connection in between is always suspect.
> > 
> > > > That was how I originally got compromised.  I went down the
> same path that
> > > > you are with how to secure your box.  First I'll get ftp.. then
> I'll get
> > > > apache.. then I'll get ssh.. then I'll put a firewall up. 
> Wrong order..
> > >
> > > Okay so now the order is ipchains, then ssh.  OpenSSH seems to be
> > > preferred.  But that means I'll have to put new software on any
> machine
> > > that needs to get to my site.  A small price, I guess, for
> security.
> > 
> > Just a suggestion from someone who was compromised.  Lock down the
> firewall
> > first.  Then start opening things up.  One service at a time.  That
> way
> > you can do snoops from outside (i.e. your remote box) to check the
> > security.  Look at nmap and SATAN to run against yourself from your
> > remote box to check and confirm that you only opened the service
> that you
> > want and didn't accidently open up something else.
> > 
> > ian
> > 
> > _______________________________________________
> > CLUE-Tech mailing list
> > CLUE-Tech at clue.denver.co.us
> > http://clue.denver.co.us/mailman/listinfo/clue-tech
> _______________________________________________
> CLUE-Tech mailing list
> CLUE-Tech at clue.denver.co.us
> http://clue.denver.co.us/mailman/listinfo/clue-tech


__________________________________________________
Do You Yahoo!?
Get email at your own domain with Yahoo! Mail. 
http://personal.mail.yahoo.com/

More information about the clue-tech mailing list