tcp rgds
Frank -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of [EMAIL PROTECTED] Sent: Monday, 19 November 2001 6:13 PM To: [EMAIL PROTECTED]; Linux Mandrake Expert Mailing List Subject: RE: [expert] Webmin Thanks again, i'll have to dig out the iptables howto to make sure that I don't open anything other than port 10000, btw, is webmin tcp or udp? <brain ache...monday morning> > actually, I think they are still 8 chars, but I make long ones anyway,, > > also, most people don't add gibberish till the end of the password, which > sort of ruins the > purpose, I use gibberish all the way though.. > > you can download a password cracker and test your passwords if you are > unsure of their security.. > > rgds > > Frank > > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Monday, 19 November 2001 5:40 PM > To: [EMAIL PROTECTED]; [EMAIL PROTECTED] > Subject: RE: [expert] Webmin > > > Are the password still 8 character significant for the crypt() > function, or has Linux changed this? > > Thanks for your response. > Dave > > > > When webmin is running, it is bound to port 10000 since webmin uses > its own > > 128bit > > certificate for encryption, its very safe, no passwords get passed > in clear > > txt and > > its rather difficult to run a brute force password script on a web > based > > admin program. > > if your passwords are up to the task, you will be fine.. (all my > passwords > > are at least > > 11 characters long and contains small chars, CAPS chars, numbers4321 > and > > symboles!@@#@!! > > > > Since I started using no non non encrypted services, started using > long > > passwords for stuff.. > > (in fact, usernames that need to be there and have a log in, but > don't log > > in as a person (ie having to type in a password), have passwords up > to 50 > > characters long, I type them in a txt editor, usually they are > complete > > giberish > > and cut and paste them into the passwd screen) I have never been > > compromised. > > > > so Webmin will fine if used hand in hand with a decent password > policy.. > > > > > > rgds > > > > Frank > > > > > > > > > > > > > > > > > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED]]On Behalf Of > > [EMAIL PROTECTED] > > Sent: Monday, 19 November 2001 5:08 PM > > To: [EMAIL PROTECTED] > > Subject: [expert] Webmin > > > > > > Hi All, > > > > How secure is webmin, I know that is uses a https server, but I need > > to administer a machine remotely. The MDK 8 box has bastille loaded > > and currently all ports except ssh, are bolted down. How safe would > it > > be for me to allow the port 10000 for webmin. Is this good or is > there > > some real threats associated with this. Webmin is already installed > > and is used accross the SOHO network...it's just an issue of opening > > the WEB side access. > > > > TIA > > Dave. > > > > ----------------------------------------------------------------- > > This message was sent via the web interface to > > Sniff Out's POP3 Email - http://www.sniffout.net/ > > > > > > > > > > > > > > > ----------------------------------------------------------------- > This message was sent via the web interface to > Sniff Out's POP3 Email - http://www.sniffout.net/ > > > > ----------------------------------------------------------------- This message was sent via the web interface to Sniff Out's POP3 Email - http://www.sniffout.net/
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
