[nSLUG] Security on dialup
vlado at cs.dal.ca
Wed Feb 26 10:03:09 AST 2014
My 2 cents (might not be very helpful -- sorry):
1. My simple rule: Simply forget about rsh, rlogin, and similar. Telnet
may be useful for debugging servers and similar, if you know what you are
doing. Always use ssh. (And live relatively worry-free. :-)
2. For syncronizing time, I would try to use the standard NTP protocol.
With internet connection, you can use a daily cron job with the following
(Assumes installed ntpdate package.)
This gets nearly perfect time and sets the hardware clock accordingly.
BIOS clocks are quite inaccurate in my experience: some will drift even
11 seconds a day, so running this daily is a good idea.
Without Internet connection, this would require running NTP server on your
3. Going back to the original question: rsh is probably not allowing
loggin in as a root, which is a good idea. While you need to be a root on
"grody", you do not have to be a root on "nudel", so why not use a user
account, something like:
grody-root% date -s `rsh -l user1 nudel date`
On Wed, 26 Feb 2014, Ben Armstrong wrote:
> On 02/26/2014 02:56 AM, Mike Spencer wrote:
> > If I had an always-on high speed internet connection, there are
> > several things I'd have to change, I guess. As it is, one box is
> > episodically on the net by dial-up.
> It's a game of percentages, isn't it? Always-on high speed internet
> means more time for the attacker to attack you, but how long, exactly,
> do you think it takes for an attack to succeed? I think an admin on a
> system connected via dialup should be every bit as careful about
> security as one on high speed Internet.
> nSLUG mailing list
> nSLUG at nslug.ns.ca
More information about the nSLUG