On Sat, 28 Oct 2000, Ron Stodden wrote:
> Franck Martin wrote:
> >
> > Why don't we stop this silly discussion indeed and Mandrakesoft agrees to
> > install sshd by default on ALL machines, the same way as telnet is installed on
> > ALL machines.
> >
> > For an extra 100k sshd has a very small footprint for so much benefits.
>
> One good reason is that to do so would violate the service contract
> of people with machines connected to the internet via a residential
> service cable modem. If the cable company discovers you are running
> a server (and they do this by regular port scans, not by traffic
> analysis) they will cancel your service contract.
>
> So it is NOT a silly discussion.
Fortunateny, my cable modem provider has a more enlightened philosophy
(despite being part-owned by MS...) However, I certainly wouldn't want any
service running I hadn't specifically enabled. Having lost a machine to an
FTP exploit last week (FTP? Eh? The machine wasn't an FTP server ... Oh.
Bad Prat had decided to enable all the services it could find...)
Personally, I think "Paranoid" mode is the right way to go (and should
probably be the default): do NOT enable all the crap you can find. If I
need it, I'll enable it; if I don't, I do NOT want it enabled. EVER.
James.
