[nSLUG] Security on dialup
julien.savoie at usainteanne.ca
Fri Mar 7 08:30:27 AST 2014
On 26/02/14 10:03 AM, Vlado Keselj wrote:
> 1. My simple rule: Simply forget about rsh, rlogin, and similar. Telnet
> may be useful for debugging servers and similar, if you know what you are
> doing. Always use ssh. (And live relatively worry-free. :-)
> 2. For syncronizing time, I would try to use the standard NTP protocol.
> With internet connection, you can use a daily cron job with the following
> /usr/sbin/ntpdate time.nrc.ca
> /usr/sbin/hwclock --systohc
> (Assumes installed ntpdate package.)
> This gets nearly perfect time and sets the hardware clock accordingly.
> BIOS clocks are quite inaccurate in my experience: some will drift even
> 11 seconds a day, so running this daily is a good idea.
If there's a concern for security, and you're abandoning non-encrypted
protocols, then one might want to look at the security of NTP itself.
Might I suggest taking a look at tlsdate:
https://github.com/ioerror/tlsdate or the unstable branch of Debian;
More information about the nSLUG