On Tue, 01 Jul 2003, Chris Berry wrote:
I think you should also include FTP and NFS in
your list.
FTP I'm researching, I've heard that some FTP servers are exploitable.
What's wrong with NFS?
ftp like telnet transmits passwords in the clear.
So it is no way to maintain a website,
Hi hong!
On Wed, 02 Jul 2003, hong li wrote:
If you use the same password for the local
administrator on workstations
as all other servers's local administrator, (even
domain administrator),the local administrator can gain
full access to any servers without asking
domain info if you
On Fri, 18 Oct 2002, Johan De Meersman wrote:
You can also allow root ssh from localhost
only, adding a tiny bit more security still by not su-ing but ssh-ing to
root.
Never thought of this -- good stuff. Will using ssh-agent instead of
typing ssh passphrase into the remote
On Tue, 15 Oct 2002, Chris Santerre wrote:
You know I always wondered about this method. su - has you input a password.
So If a sysadmin is on a cable modem at home, logs in as normal user w/ ssh,
then does an su - and enters password, How is that any different? You are
being sniffed on the
On Tue, 15 Oct 2002, Rune Berntzen wrote:
When checking port activity using TCPView I notice that I have a =
listener on ports 137,138 and 139.
This is a windows networking client (aka smb/netbios aka nbt )
The Local Address seems to be from a Class B network, 169.254.0.0, =
These are a
On Fri, 11 Oct 2002, Warren Raquel wrote:
It's not a good idea to allow remote ssh root access. If anyone ever tries
to log into your machine remotely using root then you'll know from the logs
that someone's trying to access your systems. Always log in as a regular
user then su root if
