*********** REPLY SEPARATOR ***********
On 7/06/00 at 9:41 Adrian Likins wrote:
>On Tue, Jun 06, 2000 at 10:10:06PM -0400, Trond Eivind Glomsrød wrote:
>> [EMAIL PROTECTED] (Prasanth A. Kumar) writes:
>>
>> > I don't know if anyone has ever tried Webmin but I can say it is much
>> > more user friendly and less intrusive than Linuxconf. I think Redhat
>> > should seriously look at replacing Linuxconf with Webmin.
>>
>> We have.
>>
>> > I guess the most serious limitation to Webmin is that it runs over a
>> > browser, which can be a problem in text mode.
>>
>> One of them.
>
> Somewhat concerned about the security implications as well. While
>working in support, I've seen several hosts exploited via webmin. In that
>regard, its second only to old bind/admrocks exploits.
>
> Now, I should mention that for almost all cases, these were machines
>that were essentially "admin-free", and I suspect the installations of
webmin
>were suboptimal. Havent been able to find any known exploits in webmin
>either, but the sheer volume of exploited machines scares me a bit.
>
A few words :-)
SSL , IP restriction, ipchains, never telnet cause not protected by SSL
session, no exceptions .....
To put it in perspective, how long would a standard RH install last on a
permanent IP/connection....
Regards
Greg Wright
--
IT Consultant Sydney Australia PH 0418 292020
Available for Global Contracts Int. +61 418 292020
web http://www.ausit.com e-mail [EMAIL PROTECTED]
Trading As - AAA Computers, ITpro, Ozzie Soft, providers of IT services.
--
To unsubscribe:
mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
