r* services. Was: Re: March Meeting Presentations
foodog
plug-discuss@lists.plug.phoenix.az.us
Tue, 12 Mar 2002 19:55:54 -0700
George Toft wrote:
>
> "der.hans" wrote:
> >
> > Am 11. Mar, 2002 schwätzte George Toft so:
> >
> > > This machine is not connected to the Internet without a
> > > firewall, is it? Please say it isn't.
> >
> > It's obviously a mostly default RH 7.x box running KDE. While it sucks that
> > portmap and other atrocities get started up, some of those services are
> > configured to ignore external connections and it does have a basic ipchains
> > firewall ( provided it hasn't been disabled ).
> >
> > My redirection service appears to be having probs, so here's a temporary URL
> > for my RH setup and secure doc I wrote last year.
> >
> > http://arizona.speedchoice.com/~lufthans/unix/docs/HOWTO/securing_RedHat.html
> >
> > I just ran through 7.2 last week. This doc still mostly applies.
> >
> > Yes, George, I know it's EBo's machine, not yours, but I wanted to respond
> > to your comment ;-). He should go over my doc :).
>
> It's probably a carryover from my early Unix days where the
> r* services were major gaping holes in a boxes security. This
> seems to get reinforced periodically with security advisories.
> Being paranoid, I fail safe.
>
> George
Somebody still thinks the r* services are holes. I've been averaging
about 3 scans per day on TCP port 111 for about the last month.
Steve