Netkit

David D.W. Downey david.downey at codecastle.com
Mon Sep 25 17:25:54 PDT 2000


On Mon, 25 Sep 2000, Jeffery McLean wrote:

> On Mon, 25 Sep 2000, you wrote:
> > Netkit-combo isn't really a sec breach.
> 
> Just my prospective on this...
> combo installs a nice set of programs that might be very helpful
> but not absolutly nessisary.

Considering that you can't do anything useful like telnet to another
machine to ftp or any of the key things for geting more stuff once the
system is up and running, I'd say they are more than just helpful.


> Also some of the default network clinets do present minnor security risks...
> telnet and ftp.. if your going into an account they don't encrypt the
> connection..

As long as you add ALL: ALL to your /etc/hosts.deny file or disable the
daemons in your /etc/inetd.conf file you should not have anything to worry
about. As long as they are not running bare, they are fine.

Not that hard to add a ALL: ALL to /etc/hosts.deny and an
in.telnetd: 127.0.0.1 ip_of_friendly_machine to your /etc/hosts.allow.
(That is unless you are too lazy to do this in which case I have no
sympathy.)


> not helpful...

Depends on how you look at it.



-- 
David D.W. Downey          Red Hat Certified Engineer   |   Internet Security Specialist        $
KiXO Linux                 http://www.KiXOLinux.com | http://sourceforge.net/projects/kixolinux/
Member OSWG, LPI           http://www.owsg.org   |   http://www.lpi.org
     -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
       "Any lad can choose the mundane, but tis the explorers that are truly free in choice!"







More information about the lfs-dev mailing list