Re: Permit root login for telnet..



Heh, I think you're missing the point. For discussion's sake -
sysadmin's job is, among many other things, to assure information
integrity and security, and do so not by relying on HR policies and
the belief that everyone around them is sane, but by implementing
sound security practices.

G

On 8/30/06, Shekhar Dhotre <sdhotre@xxxxxxxxxxxx> wrote:
>>logs into random boxes, erases critical data, drops a couple of databases.

So you may also know that whoever gets pissed off and does it - his/her
IT career is over, as reference is everything in today's world.


We use ssh and all other security stuff here - this is just for
discussion.

-----Original Message-----
From: redhat-list-bounces@xxxxxxxxxx
[mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Greg Golin
Sent: Wednesday, August 30, 2006 7:12 PM
To: General Red Hat Linux discussion list
Subject: Re: Permit root login for telnet..

Nice approach. Someone gets pissed off, sniffs out the passwords, logs
into random boxes, erases critical data, drops a couple of databases.
Then (if caught) they get fired. Your IT guys spend weeks restoring
data from backups, wondering what else might have been damaged.
Thousands of dollars in wages spent on rolling things back.
Because your "company policy" does not adhere to basic, --BASIC--
security practices that are FAR from novel, and are implemented in the
smallest shops.

G

On 8/30/06, Shekhar Dhotre <sdhotre@xxxxxxxxxxxx> wrote:
> >>>until someone broke
>
> So there are unix guys who are better than Unix admins in your shop?
> Or was it programmer? You can easily trace that out - who logged in by
> IP - DHCP etc. We do it all the time.
> If someone here even logs into a co-worker's machine without his permission
> that's against company policy - HR disciplinary action - gets fired.
>
>
> -----Original Message-----
> From: redhat-list-bounces@xxxxxxxxxx
> [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Bill Tangren
> Sent: Wednesday, August 30, 2006 5:27 PM
> To: General Red Hat Linux discussion list
> Subject: Re: Permit root login for telnet..
>
> Shekhar Dhotre wrote:
> > OK, no one has access to network room here than Coms guys. Even I
> > cannot go in as I am in Unix/Storages group. Our comm. guys are not
> > interested in checking our passwords.
> >
> > Also they have access to most of the prod switches, so they are trusted
> > by the business. Again not a risk.
> >
> >
>
> That's what some of us here thought too... until someone broke in to one
> of our computers, put the network card in promiscuous mode, started a
> password sniffer, and then got the root passwords for dozens of boxes.
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list


