The only thing you might trust is ssh. The only way to be safe is to not have your computer connected to the internet at all. :)
In article <[EMAIL PROTECTED]> you wrote: : Hi Mark, : The first thing you should do is comment telnet back in until you have drawn up your security strategy ;-) : The standard things people will tell you to do are: : - turn everything off : - use inetd/wrappers with PARANOIA for anything you *have* to have on : - use packet filtering ie ipchains : - use a logchecker : - keep backups for WHEN you get broken into. : Unfortunately if you are on a cable modem you are easy meat since your available 24/7 and because often the people who connect have no real security idea they are a useful staging post for a cracker. I currently get scanned about 2x a day at work and often they are from IP's that resolve to cable modems. : I would suggest that you ate tke time to review material at cert such as the architectural design of unix security, the LDP has some good links and there is the security HOWTO (or equiv titled). For a faster/dirtier guide try: : https://www.seifried.org/lasg/ : This is a book on securing your system by Kurt Seifried, I haven't read the new version but the first one was perfectly capable if RH focused. : HTH, : Steve : On Sun, Jul 04, 1999 at 02:21:58PM -0700, Mark Wagnon wrote: :> Hi all: :> :> Okay. I seem to have my two computers networked together. In fact I've :> telneted into my machine that has a direct internet connection to :> write this email. :> :> I have some questions on how to go about making my system more :> secure. When I first had my cable modem installed, one of the first :> things I did was comment out the services in /etc/inet.conf. Now I've :> gone back and un-commented the line for telnet (I assumed I had to in :> order to telnet into my gateway (is that right?)). But i've read in :> the past that telnet isn't very secure and that people can intercept :> logins and passwords when one telnets to a computer. :> :> Can anyone supply some security related resources that can get this :> neophyte started? I realize that the first thing I should do is :> upgrade my kernel (and I'll do it today). :> :> tia :> -- :> __ _ :> Mark Wagnon Debian GNU/ -o) / / (_)__ __ ____ __ :> Chula Vista, CA /\\/ /__/ / _ \/ // /\ \/ / :> [EMAIL PROTECTED] _\_v____/_/_//_/\_,_/ /_/\_\ :> http://www.debian.org :> :> :> -- :> Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null :> -- Dan Nguyen | It is with true love as it is with ghosts; [EMAIL PROTECTED] | everyone talks of it, but few have seen it. [EMAIL PROTECTED] | -Maxime De La Rochefoucauld 25 2F 99 19 6C C9 19 D6 1B 9F F1 E0 E9 10 4C 16
