Date: Sun, 2 Jul 2000 04:37:10 -0400 From: Bill Barnes <bbarnes@operamail.com> To: cjclark@alum.mit.edu Cc: freebsd questions <questions@FreeBSD.ORG> Subject: RE: Ports via FTP Message-ID: <398FACC7@operamail.com>
next in thread | raw e-mail | index | archive | help
>===== Original Message From cjclark@alum.mit.edu ===== >On Sun, Jul 02, 2000 at 01:55:41AM -0400, Bill Barnes wrote: >> I created the wrong impression. It isn't FreeBSD that I'm worried about, it's >> the crackers. >> This afternoon and evening the download was stalled a lot and there is some >> offline peparation time and I've read there is significant risk in connecting >> to the internet as root. >> It doesn't matter too much right now because I just installed and haven't >> anything to lose. I was logged in as root for other maintenance and, frankly, >> forgot about that until I started the ftp. >> If i login as non-root, establish the internet connection, then su for the ftp >> process, does that eliminate the risk of 'root online'; or maybe I am worried >> about a non-problem. > >Hmmm... I'm still not quite understanding you. How do you log in as >non-root to establish the Internet conncetion, _then_ ftp after su'ing >to root. I mean, isn't the ftp connection the "Internet connection" we >are talking about? > >Crist J. Clark cjclark@alum.mit.edu Here's the configuration I might use. Login as non-root In screen 1 connect to my ISP and in the same screen execute Netscape In screen 2 (for comfort) bring up xterm and su, ftp Now I can browse, email, whatever while the ftp process does its thing. Hence, I am connected to a trusted machine and who knows what else. That sounds like my ftp connection is exposed thru the browser connections. But isn't the ftp connection exposed to an intruder anyway. Hope I don't appear too dense hear but I haven't the foggiest about cracker technology. Bill Barnes To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?398FACC7>