On Fri, 7 Jul 2000, Matan Ziv-Av wrote:
> > > I am not (apart from my home computer).
> >
> > next thing you know, you dial out and people crack in through your ppp
> > connection (it happens a LOT, mind you! people run scanners on dial-up
> > IP ranges for BackOriffice, webmin, linuxconf and other stupidities,
> > telnet included, old FTPD ad BIND versions too.
>
> Why do you let all those run, let alone listen on the ppp0 interface?
I run them on my home machine since it's a server for my LAN too (well,
until they take my FR next week it's an internet server as well). at
least you should consider running BIND to cache lookups ad speed up
surfing.
and you don't SET them to listen on one interface or the other, they do
it by default.
> > I have published once my script for home-protection of linux dialups
> > with IPchains.
>
> Would not a simple /etc/rc.d/init.d/inetd stop be simpler?
because not all the options are covered by inetd. see bind, apache,
sendmail/postfix, xfs, xdm, webmin, and maybe other stuff RH or Mandrake
chose to install w/o asking you.
> > 2.4.0-test2-ac2-reiser3.6.10 compiled just last night for my new
> > dual-PII if you must ask. again, what's the connection?
>
> I think the point is clear to anyone who does not try that hard to be
> dense. Servers are one thing and home workstations are another. The
> "don't get used to bad things" excuse is non-sequitur, since you never
> explain why it is bad thing on a home machine.
because they may be cracked too while connected by dialup.
> > on a home machine 6 are OK too, if obfuscated enough. and change it once
> > a year.
>
> Why? from whom does the password protect you? Why is a 6 digit
> obfuscated password better than a 1 digit password?
you know what, I'm tired. do what you want. it's your data.
> > and never EVER run X as root.
>
> Again, blanket statements with no explanation. Why not?
because you can't trust xauth.
--
Ira Abramov, GNU/Linux advocate.
(@-
//\ "Akamai, Google, MicroSoft, Sun, Oracle, Intel, NASA, Sony,
v_/_ Python, JPG, PNG - CS masturbation is changing the world."
-- C.S. answering to Linus, 3/7/2000
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
