[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-developers] Fixing the nasty RaQ Hack...
- Subject: Re: [cobalt-developers] Fixing the nasty RaQ Hack...
- From: Jörg Jan Münter <support@xxxxxxxxxxx>
- Date: Thu Jan 23 06:11:02 2003
- Organization: IndenieurbüroMünter
- List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>
Am Donnerstag, 23. Januar 2003 13:46 schrieben Sie:
> I know and don't/do. About two weeks ago an incident occured on a Cobalt
> and a cracker generated about 1400 Gb of traffic in less then 3 hours.
> Sniffing the ftp-account and getting root-access was the cause.
> By the way: any site-administrator gets shell-access (admin) when using
> sftp, that is to say, on my Raq4.
> Peter
>
Hi out there,
why do you grant shell acces to any user? I wouln't grant anything but FTP access.
And as someone already said i would access the RaQ by FTP with admin user.
None of our customers needs shell access. If anything has to be installed it
firstly gets checked by us.
Yours
Jan*
--
---------------------
Ingenieurbüro Münter
Jörg Jan Münter
Leipziger Straße 16
38165 Wendhausen
info@xxxxxxxxxxx
Tel: 05309 - 8052
Fax: 05309 - 8053
---------------------