If I remember correctly, there are 2 ports that the ACE server will
require. One is to validate tokens, and the other
if you have a slave. Look at the install document for the ports and the
names, or you can just look at the inetd.conf
file and I believe they are self evident.
Don
-----Original Message-----
From: Ng, Kenneth (US) [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 08, 2001 12:25 AM
To: 'Sun Young Geun\(???\)'; [EMAIL PROTECTED]
Subject: RE: [question] ACE/SERVER and security
If no one will acknowledge putting in that .rhosts entry, you must assume
that your machine has been compromised and that all of your tokens are
probably compromised. Format the disks and install from installation
tapes. Assume that anything on backups is contaminated. Start a plan to
replace all the tokens in the field.
Telnet services still risk exposing the root password if you come in as
root or su to root. A better way is to use ssh to encrypt the data stream.
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Sunday, January 07, 2001 8:24 PM
To: [EMAIL PROTECTED]
Subject: [question] ACE/SERVER and security
I'm operating ACE/SERVER.
ACE/server is configured master and slave.
I have some question about security.
1. I found something in .rhosts file like that.
#cat .rhosts
++
Do they use r-command when master and slave communicate each other?
If not, is there any problem whithout .rhosts file?
I want to delete .rhosts file because it is very vulnarable in securtiy.
2. I want to comment all services except for telnet service.
The inetd.conf file allows services.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
