On Tue, 28 Apr 1998 [EMAIL PROTECTED] wrote:

> Some time ago someone compromised my system through a hole in ftp (RH4.1). 
> 
> I would restrict ftp access as severely as possible.

This is one of those things that needs to be corrected by applying
updates, unless of course FTP is not going to be used, then you should
eliminate it.  Similar holes have existed in telnet, imap, sendmail, and
almost any service that is remotely accessible.  There's no substitute for
applying updates, although removing unneeded services reduces the
probability that any given bug will affect you.

One thing I forgot to mention is that the Red Hat 5 inetd.conf file
doesn't, for some reason, use the wrappers for identd.  This allows identd
to run as root instead of as nobody, like he should, and might make for a
root compromise.  (maybe)  I think Red Hat should make an errata for this,
but in the interim, you should change that one line in inetd.conf and
restart inetd.



-- 
  PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists
         To unsubscribe: mail [EMAIL PROTECTED] with 
                       "unsubscribe" as the Subject.
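An added example, not part of the original message: a small audit of inetd.conf that lists enabled services started without tcpd and the user each runs as, which is the check the identd remark above calls for. The sample file is constructed for illustration and is not copied from any Red Hat release; the field layout assumed is the standard inetd.conf one (service, socket type, protocol, wait flag, user, server path, arguments).

```python
"""Audit inetd.conf: which enabled services bypass tcpd, and as which user."""
from typing import List, NamedTuple

# Constructed sample input (assumption), not a real distribution's file.
SAMPLE_INETD_CONF = """\
# service type  proto   wait    user    server          args
ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  in.ftpd -l -a
telnet  stream  tcp     nowait  root    /usr/sbin/tcpd  in.telnetd
auth    stream  tcp     nowait  root    /usr/sbin/in.identd in.identd
finger  stream  tcp     nowait  nobody  /usr/sbin/tcpd  in.fingerd
#imap   stream  tcp     nowait  root    /usr/sbin/tcpd  imapd
time    stream  tcp     nowait  root    internal
"""

class Entry(NamedTuple):
    service: str
    user: str
    server: str
    wrapped: bool   # True when inetd starts the service through tcpd

def parse_inetd(text: str) -> List[Entry]:
    """Return the enabled, externally executed services in an inetd.conf."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                      # blank line or disabled service
        fields = line.split()
        if len(fields) < 6:
            continue                      # malformed line, nothing to audit
        service, user, server = fields[0], fields[4], fields[5]
        if server == "internal":
            continue                      # handled inside inetd itself
        user = user.split(".")[0].split(":")[0]   # drop optional group part
        wrapped = server.rsplit("/", 1)[-1] == "tcpd"
        entries.append(Entry(service, user, server, wrapped))
    return entries

def unwrapped(entries: List[Entry]) -> List[Entry]:
    """Services that inetd runs directly, without tcpd in front."""
    return [e for e in entries if not e.wrapped]

def unwrapped_as_root(entries: List[Entry]) -> List[str]:
    """The combination the message warns about: no wrapper and user root."""
    return [e.service for e in unwrapped(entries) if e.user == "root"]

if __name__ == "__main__":
    for e in unwrapped(parse_inetd(SAMPLE_INETD_CONF)):
        print(f"{e.service}: runs {e.server} as {e.user} without tcpd")
```

To audit a real system, pass the contents of /etc/inetd.conf to `parse_inetd` instead of the sample string.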