l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
November 4: Social gathering
Next Installfest:
TBD
Latest News:
Oct. 24: LUGOD election season has begun!
Page last updated:
2005 Mar 15 12:09

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Spyware For Linux?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Spyware For Linux?



Peter Jay Salzman wrote:
On Tue 15 Mar 05, 11:13 AM, Bill Kendrick <nbs@sonic.net> said:

On Tue, Mar 15, 2005 at 10:46:15AM -0800, Jonathan Stickel wrote:


It bothers me that Fedora turns sshd on by default.
A naive user could set a silly root password, and they'll be cracked in a few hours.
Does it allow root to SSH in by default?  (I've seen setups which specifically
do /not/.)
Jonathan, I think this is overcautious.

There is no concept of absolute security. Security all about compromise:
What inconveniences are you willing to suffer through in the name of keeping
your system secure? That's the question we all ask, implicitly or
explicitly.

Installing a daemon to allow remote login to your computer, I feel, falls
well on the side of acceptable for most uses of a computer.

If you're installing a system that needs to be SO secure that an ssh daemon
is undesirable, your kung-fu is probably good enough that you're well aware
sshd got installed and you know how to disable it.

At that level, either your kung-fu is good enough of you hire a professional
staff to take care of your IT.

Oh, I agree with you. Most of us want to have ssh ability. I'm thinking of all the newbies I help install linux for who have no idea that a remote login is even possible. Then they complain about having to use root all the time, and they change the root password to something silly, like "root". Then they get hacked through ssh and exclaim "I thought you said Linux was secure!"

I think that if you want ssh, you will know what it is and will know to enable it. It just occurred to me, though, that Fedora's firewall automatically blocks the ssh daemon. So Fedora is secure by default after all.

Jonathan
_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
EDGE Tech Corp.
For donating some give-aways for our meetings.