RE: [[cobalt-users] Server Hacked?]

["Craig S. N." <spikeone@xxxxxxxxxxxxxx>]

Greets,

I'm by no stretch of the imagination a security guru, but I think most
people on this list will agree - the fewer # of users that have telnet
access = a more secured environment.  And if at all possible - give NO user
telnet access except yourself.

Almost anything done by an end user via telnet can also be done via FTP.
This of course excludes those users who are basically using telnet (the web
server) as a development box for the testing of their own scripts, tweaks,
programs, etc.; which BTW is *not* a good thing - esp. if a script goes
rouge and spirals down taking everyone on the server with it..   I'd tell
those users to go download RedHat to their own machine (it is free).  That
way they can tweak, test and program all they want - "using their own
box"...  I currently have a server with 175 customers which are all getting
moved to an RaQ3i sometime this week.  ALL these customers *currently* have
telnet access - and for the most part, many of them have simply abused the
privilege.  My CPU overhead is twice that of normal use because of heavy
telnet usage and customers evoking commands on the machine (from telnet),
that they shouldn't be evoking...  They're all going to be happy-campers to
learn in the coming days the sand-box has been closed for good (and filled
in with concrete).  If they have a problem with it.. hit the road..!!  Going
forward if my customers want a command line to test, tweak or program from
behind a Linux prompt -they're going to need to do so from their own
machine(s)!!  In my opinion Telnet is simply TOO RISKY for end users!!

My two cents...

Regards
Craig Napier