[frgeek-michiana] Re: Security on Indy
- From: Tom Brown <tbrown@xxxxxxxxxxxx>
- To: frgeek-michiana@xxxxxxxxxxxxx
- Date: Tue, 20 May 2003 11:16:22 -0500
Too bad we can't list the open ports here on the list so we can discuss
them. But it probably isn't a good idea to publicly discuss security openings.
So, bring your port scans and other probes to lab Thu., and we'll talk
about the results there.
Tom
At 11:01 PM 5/19/03 -0500, you wrote:
>I turned off lpd, and installed nmap.
>What other services need to go?
>
>On Monday 19 May 2003 10:43 pm, you wrote:
>> On Mon, 19 May 2003 21:25:10 -0500
>>
>> Tom Brown <tbrown@xxxxxxxxxxxx> wrote:
>> > Indy is probably fairly open to attacks since there is no firewall, and
>> > we're relying on the small footprint Debian install.
>>
>> There is a fair amount that is open on the box....
>>
>> My number one rule for securing a system. If you DO NOT need the
>> service, shut it down!
>>
>> Number two rule for securing a system.. If you only need to dish out
>> stuff, setup a read only service!
>>
>> Number three rule.... When in doubt, shut the service off! You can
>> always turn it back on if need be.
>>
>> In the case of lpd (port 515) that's really not securable... Either get
>> the system behind a firewall (on a seperate box) or use cups. My
>> understanding is that cups is MUCH more secure then lpd.
>>
>> Just my two cents worth....
>>
>> > II will register a domain name this week and transfer our web site shtml
>> > to Indy. Aolserver 3.x deprecated SSI, but there is a substitute
>> > (ns_adp_include). So I should be able to rework the html accordingly.
>> > I'll find out what it takes for Michiana Freenet to redirect to Indy once
>> > we're ready.
>> > Tom
>>
>> Sounds exciting....
>>
>> Goose
>>
>>
>> To post to the list send email to <frgeek-michiana@xxxxxxxxxxxxxx>
>>
>> You may unsubscribe or change your list settings by going to the list
>> website at <http://www.freelists.org/webpage/frgeek-michiana>
>
>
>
>To post to the list send email to <frgeek-michiana@xxxxxxxxxxxxxx>
>
>You may unsubscribe or change your list settings by going to the list
website at <http://www.freelists.org/webpage/frgeek-michiana>
>
To post to the list send email to <frgeek-michiana@xxxxxxxxxxxxxx>
You may unsubscribe or change your list settings by going to the list website
at <http://www.freelists.org/webpage/frgeek-michiana>
- References:
- [frgeek-michiana] Re: Security on Indy
- From: Richard Zimmerman
- [frgeek-michiana] Security on Indy
- From: Tom Brown
- [frgeek-michiana] Re: Security on Indy
- From: John Billings
Other related posts:
- » [frgeek-michiana] Security on Indy
- » [frgeek-michiana] Re: Security on Indy
- » [frgeek-michiana] Re: Security on Indy
- » [frgeek-michiana] Re: Security on Indy
- » [frgeek-michiana] Re: Security on Indy
- [frgeek-michiana] Re: Security on Indy
- From: Richard Zimmerman
- [frgeek-michiana] Security on Indy
- From: Tom Brown
- [frgeek-michiana] Re: Security on Indy
- From: John Billings