Date: Wed, 15 Aug 2001 09:33:53 -0500 From: Eric Anderson <anderson@centtech.com> To: mixtim@mixtim.homeip.net Cc: security@freebsd.org Subject: Re: cvs commit: src/etc inetd.conf Message-ID: <3B7A8851.3523EC9B@centtech.com> References: <20010815134852.B16184@zerogravity.kawo2.rwth-aachen.d> <59836.997879734@axl.seasidesoftware.co.za> <20010815100621.A5853@mixtim.homeip.net> <3B7A8424.CBFF1F30@centtech.com> <20010815102415.A5942@mixtim.homeip.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Mixtim wrote: > > On Wed, Aug 15, 2001 at 09:16:04AM -0500, Eric Anderson wrote: > > Here's the thing. I thought that was a great idea - until I started > > installing (ick) RedHat 7.1 on a few machines here at the office. It > > has everything closed off, so remote access is not possible off the hat > > (ssh will work, but you have to add a local non-root user). > > I should have stated ssh as an exception. You almost always have to have > it running. Of course, logging in as root and executing the sshd command > only takes a few seconds. > > > Plus, anyone installing FreeBSD should have a good idea that they are > > installing an OS that has many servers running, some possibly easy to > > hack. > > If CodeRed taught us anything it is that there are more than enough > clueless admins on the net. Just because someone installed FreeBSD > doesn't mean they are that much more intelligent. If CodeRed taught us anything, it's to not use Microsoft OS's for production servers. Yes, there are a lot of clueless admins out there, but the reason MS has made such shotty software for servers (in my opinion) is because they continue to dumb it down, making it simpler and simpler to set up. This is exactly the reason that everyone and their dog thinks they can be a SysAdmin and do just fine. I guess it's kind of a survival of the fittest thing. > > > It isn't up to the programmers of the operating system to protect the > > users of it. > > Then why is there a security@freebsd.org address? Good point, but thats a little different. Warning those who care (subscribers of the list) about security advisories is MUCH different than making the OS mute because a percentage of the installers can't figure out (or don't know that they SHOULD figure out) how to turn off sendmail, telnet, etc. It just won't save the experienced users any time to have them disabled, and it won't stop the 'clueless' from being just that. -- ------------------------------------------------------------------------------- Eric Anderson anderson@centtech.com Centaur Technology (512) 418-5792 Truth is more marvelous than mystery. ------------------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3B7A8851.3523EC9B>