> > > But if I am not a sys admin?
> >
> > I am not (apart from my home computer).
>
> next thing you know, you dial out and people crack in through your ppp
> connection (it happens a LOT, mind you! people run scanners on dial-up
> IP ranges for BackOriffice, webmin, linuxconf and other stupidities,
> telnet included, old FTPD ad BIND versions too.
Why do you let all those run, let alone listen on the ppp0 interface?
> I have published once my script for home-protection of linux dialups
> with IPchains.
Would not a simple /etc/rc.d/init.d/inetd stop be simpler?
>
> > > Do you run Quake on you server, latest
>
> no, I wish there was Carmagedon for Linux though. what's your point?
>
> > > 2.4.0-test3-pre2-ac2-riel7-aa2 kernel?
>
> 2.4.0-test2-ac2-reiser3.6.10 compiled just last night for my new
> dual-PII if you must ask. again, what's the connection?
I think the point is clear to anyone who does not try that hard to be
dense. Servers are one thing and home workstations are another. The
"don't get used to bad things" excuse is non-sequitur, since you never
explain why it is bad thing on a home machine.
> > > Should I have a 12 character password with capitals+symbols+digits on my
> > > home machine?
> >
> > Yes, but 8 characters would suffice, too, provided they are mixed-case
> > with special characters, and cannot be easily guessed.
>
> on a home machine 6 are OK too, if obfuscated enough. and change it once
> a year.
Why? from whom does the password protect you? Why is a 6 digit
obfuscated password better than a 1 digit password?
> > > The answer is simple. Unix model of security is almost useless in a
> > > single user machine.
> >
> > I disagree strongly. At the very least have a user account and a root
> > one, keep them very separate, and always think thrice before you type
> > su. Especially if the machine is connected to the internet. Look
> > through this list's archives for some war stories told when someone
> > asked why crackers would try to break into one's homebox.
>
> and never EVER run X as root.
Again, blanket statements with no explanation. Why not?
--
Matan Ziv-Av. [EMAIL PROTECTED]
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
