[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] problems with Qube3 (was Macintosh, AppleShare IP Users)
- Subject: Re: [cobalt-users] problems with Qube3 (was Macintosh, AppleShare IP Users)
- From: "Gary Melendez" <gmelendez@xxxxxxxxxxxxxxxx>
- Date: Fri Apr 6 03:27:03 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
> I strongly suggest that you take it upon yourself to make the installation
> of OpenSSH pretty much top priority on your list. Telnet (and FTP, and
> POP...) sends passwords in the clear so any network sniffer can grab your
> password as it goes by. That's why FTP doesn't allow root (among other
> reasons), and it is a wonderful way to get your machine hacked in a
heartbeat.
>
> Once you have basic functionality on the box, security should be your
first
> concern. I recommend the following as *required* functionality:
>
> * OpenSSH (disable remote root login, ensure that only one or two users
can
> su to root)
> * ipchains (packet filter firewall, explicitly accept stuff then deny all
> remaining)
> * Logcheck (www.psionic.com)
>
> That oughta keep you busy for a couple of days. Then get back to us. :)
I'll take it under advisement. I don't want to spend TOO much time on this.
I've got other things I need to take care of - sysadmin is my 'side' job.
That's why I got the Qube - it's supposed to be easy. Also, I'm not logging
in via Internet, I'm doing it locally.
BTW, there is a new firewall package available for the Qube 3.
Thanks for all your help, Rodolfo.
Cheers,
Gary Melendez
Geographic Information Services, Inc.