On Tue, May 24, 2016 at 02:38:23PM -0700, Gary E. Miller wrote: > Yo Eric! > > On Tue, 24 May 2016 17:33:06 -0400 > "Eric S. Raymond" <e...@thyrsus.com> wrote: > > > Hal Murray <hmur...@megapathdsl.net>: > > > > > > e...@thyrsus.com said: > > > > See my reply to Gary and your text about NATs and firewalls. > > > > Nobody has convinced me that this procedure *isn't* taking > > > > security seriously, nor will they until I understand how any > > > > machine other than the one I port-forward to is visible to > > > > outsiders. > > > > > > Your mention of port-forward assumes you are behind a NAT box. > > > That's not true in all setups. > > > > Would it suffice to say "Never put a Pi on an un-NATted address until > > you have removed the default account?" > > Most people's NATs leak a lot. Or they have IPv6 end around. > > Just change the password, to a good one, the FIRST step.
Can I just suggest that you don't allow password based logins over the network? Kurt _______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
