[NCLUG] Network configuration
R P Herrold
herrold at owlriver.com
Thu Oct 26 06:28:10 MDT 2000
> > A stock, non-firewalled, Redhat system is likely to be cracked within days
> > of being connected to the Internet.
... Simply FUD and opinion, unless you mean by 'stock,' "not
patched with updates" -- I daresay _that_ is true about ANY
mainline OS or distribution costing less than $30k. Even
OpenBSD running a FTPD pre July 2000 would be vulnerable.
Also untrue. I am called in to new sites to take over admin
when folks get out of their depth. Often I cannot understand
how they were NOT cracked -- Open old named, open portmapper,
weak passwords, ancient sendmail, unsafe cron, all services
wide open and not wrappered. I have one in mind that was
running an unpatched RH 5.0, and had been for years, with an
international clientele of users which was uncompromised.
That said, security is a risk exposure minimizaton process,
not a destination. The first thing I did to that system
mentioned in the prior paragraph was turn off, remove,
wrapper, and update.
-- Russ
More information about the NCLUG
mailing list