
Re: How to block telnet access.




On Wed, 29 Sep 1999, Nir Soffer wrote:

> Break into my home machine. All I have now running is sshd (Which is
> vulnerable, I know, but at least enough people use it to clear it out of
> the bugs, and I can keep track.), and I'm about to suspend it too.

are you really only running sshd ? are you not running the linux kernel,
which listens for IP connections? and X window? are you aware of the fact
that by default, the X server also accepts connections via TCP on port
6000, and any bug in its host access code would render your machine
vulnerable? you also verified that indeed you're not having redhat's linux
conf server running, for example? what about portmap, without which you
will not be able to run any rpc-based program on your PC? and lpd is not
also active? does it not accept connections via TCP as well?

> I
> don't need stuff, I disable it. When I need it, I make sure it does what I
> it do (Again, ssh is a bad example :) ). 

and apparently proves my point - even your home PC that gives services to
no one, is not completely safe.

and if you trust other people to read the source code, then you leave a
chance for vulnerabilities.

again, don't get me wrong - i think it's not very likely that someone will
actually succeed with breaking into your PC - i'm just saying that you
cannot make it 100% secure...

guy


=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il
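
The questions in the message above can be answered on a Linux host by listing every TCP socket in the LISTEN state. The following is an added example, not part of the original message: it parses text in the `/proc/net/tcp` layout and flags listeners bound to a non-loopback address. The sample table is constructed, the port-to-service map is an assumption apart from port 6000 (named in the message), and a little-endian host is assumed for address decoding.

```python
import os
import socket
import struct

# Services named in the message. 6000 comes from the message; 22, 111 and 515
# are the usual assignments; 98 for linuxconf is an assumption.
NAMED = {22: "sshd", 6000: "X server", 111: "portmap", 515: "lpd", 98: "linuxconf"}

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 00000000:1770 00000000:0000 0A 00000000:00000000 00:00000000 00000000   500        0 1002
   2: 0100007F:0203 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1003
   3: 00000000:006F 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1004
   4: 0A00000A:0016 1400000A:C350 01 00000000:00000000 00:00000000 00000000     0        0 1005
"""

TCP_LISTEN = "0A"  # socket state code the kernel prints for LISTEN


def listeners(text):
    """Return (ip, port, service, remotely_reachable) for each listening socket."""
    found = []
    for line in text.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) < 4 or fields[3] != TCP_LISTEN:
            continue                            # established or other state
        addr_hex, port_hex = fields[1].split(":")
        # The address is a 32-bit value printed in host byte order
        # (little-endian assumed), so 0100007F decodes to 127.0.0.1.
        ip = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
        port = int(port_hex, 16)
        remote = not ip.startswith("127.")      # bound beyond loopback
        found.append((ip, port, NAMED.get(port, "unknown"), remote))
    return found


if __name__ == "__main__":
    path = "/proc/net/tcp"
    text = open(path).read() if os.path.exists(path) else SAMPLE
    for ip, port, name, remote in listeners(text):
        flag = "REMOTE" if remote else "local "
        print(f"{flag} {ip}:{port:<5} {name}")
```
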