[1855] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] Re: Services not required?

daemon@ATHENA.MIT.EDU (Tom Wu)
Wed Jun 10 18:29:06 1998

From: Tom Wu <tjw@CS.Stanford.EDU>
To: linux-security@redhat.com
Date: Tue, 9 Jun 1998 11:13:43 -0700 (PDT)
In-Reply-To: <016e01bd9315$cbe32820$34a2eecf@tecra740cdt.chaven.com> from "Stephen Costaras" at Jun 8, 98 02:44:04 pm
Resent-From: linux-security@redhat.com
Resent-Reply-To: linux-security@redhat.com

Stephen Costaras writes:
> 
> I'm in the process of locking down as much of my systems here
> as possible as to available ports.  I am down to only a handful
> but am not sure how much of a security risk they pose and was
> wondering if anyone here might be able to comment, or suggest
> secure versions to run:
> 
> 21/FTP        (WU-ftpd v2.4.2 BETA 14)

> 23/TELNET     (Netkit 0.09)

Replace unencrypted telnet with telnet-98.02.16, which supports
strong encryption via either SRP or Kerberos.  Run telnetd with
the "-a valid" option in inetd, which will permit only secure
connections to succeed.  The same applies to secure, SRP-enabled
FTP.  Windows and Linux clients/servers are at
<http://srp.stanford.edu/srp/>.
-- 
Tom Wu                        * finger -l tjw@xenon.stanford.edu for PGP key *
 E-mail: tjw@cs.Stanford.EDU          "The box said 'Requires Windows 95, NT,
  Phone: (650) 725-6969                   or better,' so I installed Linux."
   http://www-cs-students.stanford.edu/~tjw/   http://srp.stanford.edu/srp/

-- 
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------

To unsubscribe:
  mail -s unsubscribe linux-security-request@redhat.com < /dev/null


home help back first fref pref prev next nref lref last post