[101999] in RedHat Linux List
RE: 'root'' login vs. 'standard user' login
daemon@ATHENA.MIT.EDU (Fred W. Noltie Jr.)
Mon Nov 30 19:30:01 1998
In-Reply-To: <007d01be1cac$24f59720$f80a020a@tech.chuhpl.lib.oh.us>
Date: Mon, 30 Nov 1998 18:30:11 -0600 (CST)
From: "Fred W. Noltie Jr." <criterion-consulting@usinternet.com>
To: redhat-list@redhat.com
Resent-From: redhat-list@redhat.com
Reply-To: redhat-list@redhat.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 30-Nov-98 George Lenzer spluttered:
[snip]
# i am not
# concerned about security since this is all on my home network and no
# one
# else in my family is into "hacking". ;)
You should nevertheless be concerned about crackers trying to break
into your computer if you ever connect to the Internet. If
they succeed in getting access to your computer, you want them to be
able to do as little as possible. The more "convenient" you make things
for you to do administrative-type stuff, the more convenient it is for
your unwanted guests (if you ever have them, and hopefully you won't).
Just last week I had a "visitor" attempting to take advantage of some
2-year old vulnerabilities in Apache on my box. He didn't get in, but
he tried. I have dialup access to the Internet only from this computer
- -- no real domain name, no static IP. He didn't get in because I try to
keep up to date on security fixes (and, probably, because he
tried the wrong tricks; I'm not at all claiming that my computer is
super-secure).
I have had people try to telnet into my box, try gopher, try POP3, try
netstat, etc.
You should take it seriously, because these things happen even to home
users!
Just a tip,
Fred Noltie
- ----------------------------------------------
"The road to tyranny, we must never forget, is
the destruction of the truth." -- Bill Clinton,
University of Connecticut speech, October 1995
- ----------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQA/AwUBNmM4k+G4uDOIy4C4EQK/oQCg0fTvRH9VvMU0AZxENKiJp5Hfn6gAoIPM
V50Tk2JXk7bWir2F5eIFecwe
=odeL
-----END PGP SIGNATURE-----
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com http://archive.redhat.com
To unsubscribe: mail redhat-list-request@redhat.com with
"unsubscribe" as the Subject.
