Re: [cobalt-security] Quick security guide



Hi Eugene,

> Following up my own posting to this list and subsequent comments,
> I've assembled a web page with a short security guide.

Nice work. However, I'd like to point out a two-edged sword in there:

For "scp" you need ssh and shell access for the users, as you have 
correctly pointed out in your writeup. Well, giving people shell access 
opens the gates for other problems as there are quite a few things even 
an unprivileged user can do from the inside. 

So I wonder what's worse: having the unwashed masses storming your 
unsecured proFTPd port, or the chance of having one foul apple with 
shell access in the basket. 

In the end it is a matter of personal preference, as there are very few 
other alternatives available. Unless you opt for one of the various 
Secure-FTP or Safe(F)TP daemons available.

-- 
With best regards,

Michael Stauber
SOLARSPEED.NET