I want to point out one thing related to this. It's actually a good thing for Ubuntu that so many people are crawling out of the woodwork trying to claim it's bad/insecure/<insert negative comment here>, why?
It means Ubuntu is gaining ground in the right direction, more people with less *nix experience are trying it out and while they some may complain I would venture to say the slient majorty is happy churing right along with Ubuntu. -Nick 2009/4/14 Ante Karamatić <iv...@grad.hr> > U Uto, 14. 04. 2009., u 10:30 -0500, n2...@verizon.net je napisao/la: > > > The second page is reachable now. > > 'Ironically the first two entries: the Post Office Protocol version 3 > (pop3) and the Internet Message Access Protocol version 2 (imap2) are > installed and running despite Ubuntu having installed the more secure > versions. Both of these older protocols were needed in years past for > interoperability with older mail programs, but all major mail programs > now support the more secure versions. (The biggest issues with these > older services are clear text passwords; however, POP2 servers have also > been vulnerable to root compromises.)' > > Author doesn't understand 'netstat', but uses its output to put a claim. > So, let's start: > > 1) Ubuntu (dovecot actually) doesn't support POP2 - even the netstat > output doesn't show pop2 > 2) Ubuntu (dovecot actually) doesn't support IMAP2 > 3) What Ubuntu (dovecot actually) supports are - POP3 and IMAP4rev1 > > Author should know that IMAP4 is extension of IMAP2, so it uses the same > port as imap2. As you can't define multiple names to one port > in /etc/services, sane practice is to put imap2 there. netstat > reads /etc/services and then claims that protocol is imap2. > > Next, bootpc UDP is port opened by dhclient. This guy is runing dhcp > server without being aware of that. netstat tip #2 'sudo netstat -aup | > grep boot'. > > So, B- for authors knowledge of UNIX/Linux systems. > > Next are users with /bin/bash. If those users would have /bin/false, > they won't be able to run jobs from cron. > > Of course, there are some valid points, but also lots of nonsense. > > > -- > ubuntu-server mailing list > ubuntu-server@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/ubuntu-server > More info: https://wiki.ubuntu.com/ServerTeam >
-- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam