From owner-freebsd-security  Fri Sep 22  6:56:13 2000
Delivered-To: freebsd-security@freebsd.org
Received: from point.osg.gov.bc.ca (point.osg.gov.bc.ca [142.32.102.44])
	by hub.freebsd.org (Postfix) with ESMTP id 427E737B42C
	for <security@FreeBSD.ORG>; Fri, 22 Sep 2000 06:56:07 -0700 (PDT)
Received: (from daemon@localhost)
	by point.osg.gov.bc.ca (8.8.7/8.8.8) id GAA07813;
	Fri, 22 Sep 2000 06:54:07 -0700
Received: from passer.osg.gov.bc.ca(142.32.110.29)
 via SMTP by point.osg.gov.bc.ca, id smtpda07811; Fri Sep 22 06:54:00 2000
Received: (from uucp@localhost)
	by passer.osg.gov.bc.ca (8.9.3/8.9.1) id GAA15939;
	Fri, 22 Sep 2000 06:54:00 -0700 (PDT)
Received: from cwsys9.cwsent.com(10.2.2.1), claiming to be "cwsys.cwsent.com"
 via SMTP by passer9.cwsent.com, id smtpdd15931; Fri Sep 22 06:53:08 2000
Received: (from uucp@localhost)
	by cwsys.cwsent.com (8.11.0/8.9.1) id e8MDr7M10945;
	Fri, 22 Sep 2000 06:53:07 -0700 (PDT)
Message-Id: <200009221353.e8MDr7M10945@cwsys.cwsent.com>
Received: from localhost.cwsent.com(127.0.0.1), claiming to be "cwsys"
 via SMTP by localhost.cwsent.com, id smtpdS10939; Fri Sep 22 13:52:19 2000
X-Mailer: exmh version 2.1.1 10/15/1999
Reply-To: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>
From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>
X-OS: FreeBSD 4.1-RELEASE
X-Sender: cy
To: Brett Glass <brett@lariat.org>
Cc: Wes Peters <wes@softweyr.com>, nbm@mithrandr.moria.org,
	security@FreeBSD.ORG
Subject: Re: sysinstall DOESN'T ASK, dangerous defaults! (Was: Re: wats 
 so special about freeBSD?)
In-reply-to: Your message of "Thu, 21 Sep 2000 18:32:48 MDT."
             <4.3.2.7.2.20000921182152.046d6ee0@localhost> 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Fri, 22 Sep 2000 06:52:19 -0700
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

In message <4.3.2.7.2.20000921182152.046d6ee0@localhost>, Brett Glass 
writes:
> At 04:40 PM 9/21/2000, Wes Peters wrote:
> 
> >Brett, did it ever occur to you THESE ARE THE DEFAULTS because MOST PEOPLE
> >WANT THEM THAT WAY?  Most people who install FreeBSD just want telnet, mail,
> >and NFS to work, 
> 
> IMHO:
> 
> Telnet is dangerous and should be disabled now that SSH is in common use
> and is not encumbered by patents. sshd should be on unless the user
> asks for it not to be. (He or she should still be asked.)

I submitted two awk scripts to this list late last week that disable 
services in inetd that those of us who are paranoid would normally 
remove.  Absolutely no one was interested.  For that matter I didn't 
even receive a comment about the scripts from you.  Absolutely nobody 
is interested in this issue.  The defaults are there because the 
majority wants them there.


Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
Team Leader, Sun/DEC Team   Internet:  Cy.Schubert@osg.gov.bc.ca
Open Systems Group, ITSD, ISTA
Province of BC




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message