[1849] in linux-security and linux-alert archive
[linux-security] Re: Services not required?
daemon@ATHENA.MIT.EDU (Andrew Frolov)
Tue Jun 9 10:01:47 1998
Date: Tue, 9 Jun 1998 16:43:35 +0400 (MSD)
From: Andrew Frolov <dron@ilm.net>
To: linux-security@redhat.com
In-Reply-To: <Pine.LNX.3.96.980609140037.12484A-100000@andercheran.aiind.upv.es>
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com
> > > 22/SSH (1.22)
>
> Could replace telnet. Perhaps also ftp, but only between UNIX machines (I
> think there isn't a 'scp' port for non-unix OS's).
>
> Latest version is 1.2.23 and fixes some bugs.
>
> > > 23/TELNET (Netkit 0.09)
>
> Good version, but sniffable service.
>
JUST CLOSE TELNET SERVICE!
Force your users to use ssh - there are already 2 clients for windows,
aik: SecureCRT and SSH for Windows.
> > > 25/SMTP (Sendmail v8.8.7)
>
> Could upgrade to sendmail 8.9.0 (and if you can, use tcp-wrapper to only
> allow your main 'trusted' mailhost of your subnet to send mail to you).
Replace Sendmail with QMAIL:
qmail is a modern replacement for sendmail, written by Dan Bernstein.
qmail is proven to be more secure than Sendmail, and much faster.
It is an excellent mail host, in many ways superior to Sendmail (and not
in some others). Its main reasons for use are:
Ease of maintenance
Ease of building spam-free mail spools
Support for Maildirs
Very advanced queue management
Reliability over NFS
Speed & memory footprint
Great support from the qmail community
http://www.qmail.org
> > > 110/POP3 (Katie Steven's v1.016)
>
> I don't know if that version is secure, but it's a sniffable service.
Also replace with qmail's pop3d.
--
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe:
mail -s unsubscribe linux-security-request@redhat.com < /dev/null