Date: 28 Jul 1998 08:44:25 +0200 From: smoergrd@oslo.geco-prakla.slb.com (Dag-Erling Coidan Smørgrav) To: Greg Pavelcak <gpavelcak@philos.umass.edu> Cc: Dag-Erling Coidan =?iso-8859-1?Q?Sm=F8rgrav?= <dag-erli@ifi.uio.no>, "Jan B. Koum " <jkb@best.com>, Dennis Reiter <mcneills@accessus.net>, chat@FreeBSD.ORG Subject: Re: QPopper exploit Message-ID: <rx467gi1nli.fsf@oslo.geco-prakla.slb.com> In-Reply-To: Greg Pavelcak's message of Mon, 27 Jul 1998 18:14:49 -0400 (EDT) References: <Pine.BSF.4.01.9807271810090.254-100000@tower.my.domain>
next in thread | previous in thread | raw e-mail | index | archive | help
Greg Pavelcak <gpavelcak@philos.umass.edu> writes: > Me, for example. But the question is what constitutes "proper > security" for a run-of-the-mill pc-user (well equipped with > FreeBSD as his OS) who only goes on-line to fetch his mail and do > a little surfing. Disable inetd; you don't need anyway unless you have a LAN at home. Disable sendmail. Disable routed (you should do that anyway). Even better, read the ppp(8) man page and set up ppp to block all incoming connections (you'll have to use passive mode ftp and cvsup; the former is trivial, and the latter is explained in the cvsup FAQ) BTW, there's a bunch of docs in /usr/src/usr.sbin/ppp too. > > If I were a cracker, the first thing I'd try would be to scan IP > > ranges known to belong to large ISPs' dialup servers, precisely for > > that reason (and also because there's a much higher chance of finding > > machines run by inexperienced or careless people there than amongst > > permanently connected hosts) > Hmm, major universities for example? (He asks through his UMass > PPP account.) And I answered through my University of Oslo PPP account :) DES -- Dag-Erling Smørgrav - smoergrd@oslo.geco-prakla.slb.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?rx467gi1nli.fsf>