[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[linux-security] Re: Services not required?



Stephen Costaras writes:
> 
> I'm in the process of locking down as much of my systems here
> as possible as to available ports.  I am down to only a handful
> but am not sure how much of a security risk they pose and was
> wondering if anyone here might be able to comment, or suggest
> secure versions to run:
> 
> 21/FTP        (WU-ftpd v2.4.2 BETA 14)

> 23/TELNET     (Netkit 0.09)

Replace unencrypted telnet with telnet-98.02.16, which supports
strong encryption via either SRP or Kerberos.  Run telnetd with
the "-a valid" option in inetd, which will permit only secure
connections to succeed.  The same applies to secure, SRP-enabled
FTP.  Windows and Linux clients/servers are at
<http://srp.stanford.edu/srp/>.
-- 
Tom Wu                        * finger -l tjw xenon stanford edu for PGP key *
 E-mail: tjw cs Stanford EDU          "The box said 'Requires Windows 95, NT,
  Phone: (650) 725-6969                   or better,' so I installed Linux."
   http://www-cs-students.stanford.edu/~tjw/   http://srp.stanford.edu/srp/



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]