ubuntu post installation hardening
Derek Broughton
derek at pointerstop.ca
Thu May 21 13:36:43 UTC 2009
Florian Diesch wrote:
> Derek Broughton <derek at pointerstop.ca> wrote:
>
>>
>> That is, of course, "good enough for most people", but I have to admit I
>> find it a bit scary - it's way too easy for a user to open up ports
>> without knowing the potential consequences (say, sudo aptitude install
>> telnetd).
>
> But if I'm installing telnetd I wouldn't expect I have to open the port
> at the firewall before I can use it.
>
> IMHO the better solution would be to inform them about the potential
> consequences when installing remote accessible software.
Certainly something like telnetd should do that (I'm setting up a dlink DSM-
G600 right now, and looking at the hacks suggesting installing telnet -OK, I
might need to do that to get initial access to the linux OS on it, but
surely there should have been SOME suggestion that putting telnetd on your
network file server might be a poor idea!), but I really don't see a problem
with such a program not telling you you have to open the firewall. If you
can't work that out, you probably shouldn't be doing it :-)
--
derek
More information about the ubuntu-users
mailing list