[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]
Re: [LIG] Re: How to identify a Unix machine....
Amarendra GODBOLE rearranged electrons thusly:
> Please do not use REAL names, or rather REAL transcripts of your FTP sessions.
> Might prove a major security hazard for your organisation. Also, check if
> your company's security policies allow you to represent real server names,
> user ids. etc..
security by obscurity in short ;) it's trivial to find out that
tatainfotech.co.in has a host called matrix ... and that matrix is running an
ftp server (try running nmap there)
Oh btw, _dont_ run an ftp server (least of all, wu-ftpd from the redhat rpm)
on a public IP, accessible to everybody. There are several nasty holes in
there. Switch to proftpd (or better, remove ftp, telnet and switch to rsync
Suresh Ramasubramanian + mallet<@>efn.org
You spamma my mailbox, I nukea da ass