Date: Fri, 24 Sep 2004 08:05:25 -0400 From: Bart Silverstrim <bsilver@chrononomicon.com> To: freebsd-questions@freebsd.org Subject: Re: Ultimately Safe User Account Message-ID: <04C62390-0E22-11D9-B75A-000D9338770A@chrononomicon.com> In-Reply-To: <001101c4a1d1$639ce540$460011ac@SATPC> References: <2D8BB15C7B5C214F81C32D3A83B32736013D45B3@idbexc01.americas.cpqcorp.net> <20040923223849.GK40647@therub.org> <001101c4a1d1$639ce540$460011ac@SATPC>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sep 23, 2004, at 8:56 PM, Andrew wrote: > Dan Rue wrote: >> >> How's he supposed to learn anything if all you give him is a jail with >> ls cp mv sh and vi? sheesh. That'll turn him off unix pretty quick. > > > Thanks for your feedback. I guess I'll just let him in and try not to > worry. Well, the trouble is that I am the one administering the box and > that it was this summer when I started reading heaps of unix/bsd > documentation - for the first time in my life. I'm still paranoid about > my own actions, not to mention smb's else. I'll give him cygwin/livecd > as well, though. > If you're somewhat new (even if you're not...) I'd even more strongly suggest investing in VMWare or some other VM software using disk images to work from...it's the ultimate free reign learning environment and virtual jail. Even seasoned admins can get lazy or get hit by some new trick in the book that they didn't previously know about. No one I worked with was really familiar with SSH beyond the command line access...and they were impressed with X forwarding. Then I learned about port redirection using SSH, so any ssh-accessible machine on the Internet could potentially be used to see any other machines within the same subnet as the ssh server, allowing me access to some machines not visible with simple scans of a NATed network. Took a few times explaining how it worked, and it's come in handy for remote administration at times and the people I explained the technique to were impressed at the potential for this to be helpful as a tool (and as a potential security breach...) The point is that there are more things in system administration and user's minds than dreamt of in any single admin's philosophy, Horatio :-) -Bart
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?04C62390-0E22-11D9-B75A-000D9338770A>