Date: Wed, 11 Oct 2000 15:42:03 -0700 From: Alfred Perlstein <bright@wintelcom.net> To: Matt Dillon <dillon@earth.backplane.com> Cc: Poul-Henning Kamp <phk@critter.freebsd.dk>, Marius Bendiksen <mbendiks@eunet.no>, arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf Message-ID: <20001011154203.S272@fw.wintelcom.net> In-Reply-To: <200010112202.e9BM2ns23441@earth.backplane.com>; from dillon@earth.backplane.com on Wed, Oct 11, 2000 at 03:02:49PM -0700 References: <88823.971294422@critter> <200010112202.e9BM2ns23441@earth.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
*gets out rusty garden shears* [snip snip snip] how about a nice big dialog box that asks the use to configure the relative secureness of the box with an explanation text: simple: The only external services configured will be telnet, ftp and sshd, if you need to log in as root be sure to add a user and make sure he is in the 'wheel' group. You should also understand that in todays enviorments what looks like your local lan can actually be part of a much larger switched topology and using insecure and unencrypted services such as telnet and ftp is illadvised. hardened: The only external service enabled is sshd, and you will NOT be able to log in as root, be sure to create a user and add him to the 'wheel' group. If you do not understand this, then you may want simple. 1990: All services on, all filesystems exported, '+ +' in /etc/rhosts, etc. (sunos 4.1.4 emulation enabled) (Of course I'm kidding about the last option, and you probably want to run this through a spell checker a couple of times). Someone actually making the patches to give users these choices would be a lot more prodecutive that going at each other's throats. So how about we drop the discussion until someone makes such patches available? thanks, -- -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org] "I have the heart of a child; I keep it in a jar on my desk." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001011154203.S272>