[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [[cobalt-users] Server Hacked?]

Subject: Re: [[cobalt-users] Server Hacked?]
From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
Date: Wed Feb 16 09:55:21 2000

At 05:10 PM 2/15/00 -0500, you wrote:

Shadow passwords doesn't buy you security, it just buys you time.  The
only thing shadow passwords protect against really is the infamous 'cat
/etc/passwd'  an insecure password is an insecure password.


Okay, instead of writing:
  For security, you really need to have shadow passwords implemented.
I should have written:
  For better security, you really need to have shadow passwords implemented.

You obviously open yourself up if you allow telnet, but to be competitive
and offer good well rounded service you have to offer telnet.

That must be true <smile>, after all, the two largest ISPs in the worldboth offer telnet (AOL and Earthlink) ---NOT---.

You don't have to offer telnet to be competitive or to offer a goodwell-rounded service. You may need to offer it because of YOUR businessmodel. I don't.

That being
said...we have hundreds of domains and only offer telnet to 3 of them.  On
the colocated servers here that we build for folks (non raq servers) we
disable telnet and fire up ssh for them and point them in the general
direction of an ssh client.

So I guess those hundreds of customers don't have a competitive,well-rounded service? Somehow I don't think so; you seem pretty successfulto me.


Jeff
--
Jeff Lasman <jblists@xxxxxxxxxxxxx>

Follow-Ups:
- Re: [[cobalt-users] Server Hacked?]
  - From: Kris Dahl

References:
- Re: [[cobalt-users] Server Hacked?]
  - From: Jeff Lasman

Prev by Date: Re: [cobalt-users] RaQ3 128-bit Secure Server Upgrade... WHEN..??
Next by Date: RE: [cobalt-users] catch all address
Previous by thread: Re: [[cobalt-users] Server Hacked?]
Next by thread: Re: [[cobalt-users] Server Hacked?]

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index