On Sat, Jun 23, 2001 at 09:33:13AM -0400, Greg wrote:

> root@myhost. The alarming part was the content of the messages which 
> included my password file (I'm not running yp yet)

Oh, I missed this the first time.  Don't run NIS unless you
*ABSOLUTELY HAVE NO CHOICE* in the matter.  Especially if the machine
is connected directly to the Internet.  You might as well leave no
root password on the box.

Likewise, don't run autofs, NFS, or any other RPC-based service.  RPC
is virtually impossible to secure (because it relies on host-based
authentication which can be easily spoofed), and RPC on Linux is
worse, because the code is (so I hear from friends who actually look
at it) often really bad.  If you must run these services, make sure
it's behind a firewall, and make sure you stay on top of patches.


-- 
---------------------------------------------------
Derek Martin          |   Unix/Linux geek
[EMAIL PROTECTED]    |   GnuPG Key ID: 0x81CFE75D
Retrieve my public key at http://pgp.mit.edu


**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
