[CLUE-Tech] enabling ftp

ian iguy at ionsphere.org
Sat Mar 17 22:49:18 MST 2001 

You can download tripwire LGPLed from www.tripwire.com  
(You can also buy it there) This version is 2.2.1.

However if you use RedHat you can download an RPM of version 2.3.x 
for RedHat 7.0.  

ian

On Sat, Mar 17, 2001 at 10:42:19AM -1000, Cyberclops wrote:
> And where can you find "tripwire" again is this for Linux too?  I assume
> it is.
> 
> ian wrote:
> > 
> > On Sat, Mar 17, 2001 at 09:37:03AM -0700, rfrank wrote:
> > > On Saturday 17 March 2001 08:49, Ian  wrote:
> > > > I can't say this enough.  TURN OFF FTP ASAP!!!!
> > >
> > > Okay I disabled ftp (but not telnet).  I commented out the lines for
> > > ftp and ftp.data in /etc/services.  Is telnet as risky?  I guess with ssh
> > > I don't need either one of them.
> > 
> > Yeah.. Both of them send stuff in cleartext.  It is very much worth the time
> > to learn about the security implications of these tools.
> > 
> > Another thing is look into tripwire to monitor your system or something
> > similar like an IDS system.  Just if your going to be always on the
> > net.
> > 
> > > > Especially since your on a cable modem (Road Runner?).  It is amazingly
> > > > easy to snoop on the Cable modem network to capture cleartext login
> > > > passwords.
> > >
> > > I'm on Sprint Broadband service.  I've heard that cable modems are
> > > easily snooped, but I haven't heard if wireless Broadband connections are
> > > susceptible.  I'm guessing not.
> > 
> > Well I don't know what how the MMDS system works exactly.  Guess I should
> > look into.  However most if not all of the wireless things have proven
> > less than stellar in their security view.   I would be at least minimally
> > paranoid about anything that is not in your direct control.  So that would
> > fall into whenever information is left from your box at home and your
> > remote box.  That connection in between is always suspect.
> > 
> > > > That was how I originally got compromised.  I went down the same path that
> > > > you are with how to secure your box.  First I'll get ftp.. then I'll get
> > > > apache.. then I'll get ssh.. then I'll put a firewall up.  Wrong order..
> > >
> > > Okay so now the order is ipchains, then ssh.  OpenSSH seems to be
> > > preferred.  But that means I'll have to put new software on any machine
> > > that needs to get to my site.  A small price, I guess, for security.
> > 
> > Just a suggestion from someone who was compromised.  Lock down the firewall
> > first.  Then start opening things up.  One service at a time.  That way
> > you can do snoops from outside (i.e. your remote box) to check the
> > security.  Look at nmap and SATAN to run against yourself from your
> > remote box to check and confirm that you only opened the service that you
> > want and didn't accidently open up something else.
> > 
> > ian
> > 
> > _______________________________________________
> > CLUE-Tech mailing list
> > CLUE-Tech at clue.denver.co.us
> > http://clue.denver.co.us/mailman/listinfo/clue-tech
> _______________________________________________
> CLUE-Tech mailing list
> CLUE-Tech at clue.denver.co.us
> http://clue.denver.co.us/mailman/listinfo/clue-tech

More information about the clue-tech mailing list