Date: Wed, 30 Jul 1997 00:30:24 +0200 From: sthaug@nethelp.no To: vince@mail.MCESTATE.COM Cc: freebsd-security@FreeBSD.ORG Subject: Re: securelevel (was: Re: security hole in FreeBSD) Message-ID: <5883.870215424@verdi.nethelp.no> In-Reply-To: Your message of "Tue, 29 Jul 1997 14:46:11 -0700 (PDT)" References: <Pine.BSF.3.95.970729143706.3844g-100000@mail.MCESTATE.COM>
next in thread | previous in thread | raw e-mail | index | archive | help
[cc list trimmed] > I was considering installing ssh but there is only one problem. > I use Win95 from my own side at times for various reasons as well as > the other remote admins. So a ssh client does cost money. We're > volunteers and are not getting paid in any shape or form. The ssh client for Windows is $99. Educational sites are eligible for a 50% discount. Or you could run the FreeBSD version - for free. It sounds like you're saying that the extra hassle you and your fellow system administrators (and your users) are having because of the breakin is worth less that $99. Are you sure you have your priorities straight? (For comparison - I run ssh for practically *all* remote logins, even on the same LAN. ssh won't solve all your security problems, but it can be an important *part* of better security.) With respect to passwords, your goal should be that no password is sent in the clear. Ever. This is difficult to reach, but you'll find it helps you to focus on security quite a bit. Steinar Haug, Nethelp consulting, sthaug@nethelp.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5883.870215424>