On Sat, Nov 18, 2006 at 06:58:13AM -0800, Maverick wrote: > Hi > i am trying to secure my OpenBSD. > I am quite new to OpenBSD so i am reading the book "Mastering FreeBSD And > OpenBSD Security " > > It said "Your rsh/rlogin daemons (that for some crazy reason you didn't > disable yet) will now permit root logins from any system with no password" > > Is that mean i should disable rsh ? Or disable rlogin ? > > If one of them so can you please tell me how can i do it? > > Thanks a lot > > Best regard > Maverick > -- > View this message in context: > http://www.nabble.com/Disable-rsh-or-not--tf2660269.html#a7420083 > Sent from the openbsd user - misc mailing list archive at Nabble.com.
First, good for you for learning about security. After installation, you may have noticed that root had mail. Read that carefully, save a copy, print it out. Next, man afterboot(8) which also has many good things to tell you about your new system, including ways to make it even more secure. If you follow the above two resources, you will notice that rshd is commented out in inetd.conf. This is a very good thing as a default. I haven't read that book, but I can guess that many of the things they tell you to turn off are already off in OpenBSD by default. Some things may be turned on, but do not really pose a security risk. It's up to you to learn and decide for yourself. Take what the authors are telling you as a starting point. -- Darrin Chandler | Phoenix BSD Users Group [EMAIL PROTECTED] | http://bsd.phoenix.az.us/ http://www.stilyagin.com/ |
