Re: Intruder's good job -- Change my root password
From: those who know me have no need of my name (not-a-real-address@usa.net) Date: 03/27/02
- In reply to: Andrew: "Re: Intruder's good job -- Change my root password"
From: those who know me have no need of my name <not-a-real-address@usa.net> Date: Wed, 27 Mar 2002 01:46:46 -0000
<ua1k57eoirjqcc@corp.supernews.com> divulged:
>"Ed Blackman" <news@edgewood.to> wrote in message
>news:slrna9vt6e.1ul.news@loghyr.farmgate...
>ssh is the only one I can use now. How can I update it so that it
>becomes safe?

if you have a glibc 2.2 rpm4 based system you can get rpm's from
<ftp://ftp.openbsd.com/pub/OpenBSD/OpenSSH/portable/rpm/RH72>.

but, there is no way to be sure you are safe. you could update, and
tomorrow an exploit might be found which would be just as bad. (i'm not
saying that you should not update, but that updating isn't the only
thing you need to do. you have to keep an eye on things.)

>> ftp is insecure. All of the information you send back and forth is
>> sent in the clear:

this is not true. there are secure ftp implementations, such as those
provided with kerberos or srp.

>> Anonymous
>> ftp isn't too bad, if you set it up in a chroot jail, but they can be
>> tricky for a novice to set up and maintain.

you need to take care here too, beyond getting the jail created
properly. the daemon might contain flaws that allow remote users to
obtain root, and on many systems you can break out of the jail once you
are root.

>To run a ftp server is only for my convenience. I can download and upload
>something I need when being remote. How can I make it more secure?
>ssh may the better to sftp, but I don't know how to use it.

openssh comes with two solutions, scp and sftp. the documentation for
both is part of the package, but in essence to send files to your server
you type ``scp files userid-on-server@server-hostname:'' or to retrieve
files from your server you type ``scp
userid-on-server@server-hostname:files .''. sftp works like ftp.

>> I don't know enough about smb to speak authoritatively. But again,
>> what are you trying to do? Do you want anyone on the Internet to be
>> able to map a directory you have shared? Probably not.
>
>smb is only for my local access. I don't expect it can be shared through
>internet. If so, it's terrible.

if you configured smb correctly then it will require authentication
before allowing access to any resources. data isn't encrypted, so if it
is important that the data remain confidential you should use something
else, e.g., ssh.
-- bringing you boring signatures for 17 years
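
Added example, not part of the original post: the reply's point that a chroot jail does not hold a process that is still root, shown as the sequence a daemon can use to enter the jail and then give up root for good. The helper name `enter_jail`, the path `/var/empty` and uid/gid 65534 are assumptions chosen for illustration.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: enter a chroot jail and permanently drop root.
 * Returns 0 on success, -1 on failure with errno set.
 * Assumes the caller holds no open directory descriptors from outside dir. */
int enter_jail(const char *dir, uid_t uid, gid_t gid)
{
    /* A process that stays root inside the jail is not contained: refuse. */
    if (uid == 0 || gid == 0) { errno = EINVAL; return -1; }

    /* chdir first, then chroot("."), so the working directory is never
     * left pointing outside the new root. */
    if (chdir(dir) != 0) return -1;
    if (chroot(".") != 0) return -1;
    if (chdir("/") != 0) return -1;

    /* Drop supplementary groups, then gid, then uid. The uid goes last
     * because the earlier calls still need root. */
    if (setgroups(0, NULL) != 0) return -1;
    if (setgid(gid) != 0) return -1;
    if (setuid(uid) != 0) return -1;

    /* Verify the drop is irreversible: regaining root must fail. */
    if (setuid(0) == 0 || seteuid(0) == 0) { errno = EPERM; return -1; }
    return 0;
}

int main(int argc, char **argv)
{
    /* Constructed defaults: the jail path and uid/gid are placeholders. */
    const char *dir = argc > 1 ? argv[1] : "/var/empty";
    if (enter_jail(dir, 65534, 65534) != 0) {
        perror("enter_jail");
        return EXIT_FAILURE;
    }
    puts("jailed and unprivileged; serve requests from here");
    return EXIT_SUCCESS;
}
```

The jail only limits the damage from a flaw in the daemon if every code path that handles remote input runs after `enter_jail` has returned 0.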