[CLUE-Tech] Lousy no-good @!$#%@#$% (cracked)
Sean LeBlanc
seanleblanc at attbi.com
Tue Jan 29 20:14:09 MST 2002
On 01-29 09:02, Adam Bultman wrote:
>
> Okay: This thread has been absolutely fascinating! I must say.
>
> However, here is my question. At work, I've got a linux box on the
> Internet. Red Hat 7.2, and I've used 'bastille' to allegedly lock it down
> a bit. I'm running FTP, Sendmail, and ssh. Yeah, that's it. Anyway,
> it's been up on the net for a bit, and I'm wondering: What else can I do
> to lock it down? My network segment here isn't scanned much, but I'm
> still worried about being cracked.
>
> Secondly: I've got an OpenBSD firewall on my ISDN router acting as a
> firewall. Is there many stories of OpenBSD getting cracked? I'm running
> ssh and ftp on there, and other ports are forwarded elsewhere (sendmail,
> fr example is sent to a linux box).
Is it absolutely necessary to run ftp? I hope it's not anonymous. If it's
not anonymous, can't you just use scp or pscp (on Windoze) to replace? Maybe
your version of ftp doesn't have any known exploits, but that password is
going over the wire plaintext.
--
Sean LeBlanc:seanleblanc at attbi.com Yahoo:seanleblancathome
ICQ:138565743 MSN:seanleblancathome AIM:sleblancathome
Every program is a part of some other program, and rarely fits.
More information about the clue-tech
mailing list