Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!newshost.telstra.net!act.news.telstra.net!psgrain!news.uoregon.edu!cs.uoregon.edu!reuter.cse.ogi.edu!news.ssd.intel.com!chnews!itnews.sc.intel.com!news.sprintlink.net!news.neca.com!chi-news.cic.net!nntp.coast.net!howland.reston.ans.net!gatech!newsfeed.internetmci.com!ns.hcsc.com!tawny!angelo From: angelo@tawny.ssd.csd.harris.com (Angel Ortiz) Newsgroups: comp.unix.bsd.freebsd.misc Subject: IMPORTANT PPP SECURITY ISSUE Date: 6 Mar 1996 15:27:25 GMT Organization: Harris CSD, Ft. Lauderdale, FL Lines: 36 Distribution: world Message-ID: <4hkast$4u7@ns.hcsc.com> NNTP-Posting-Host: tawny.ssd.hcsc.com FreeBSD News Group: I wanted to point out some Security issues that you need to take into consideration when connected to your ISP. ISSUES: When you are connected to your ISP and you are using Dynamic or Static IP addressing your system is seen to the outside world. For example, anyone who can determine your IP address will have the capability of logging into your machine. It will not matter what type of OS you are running. As long as you are connected to the Internet your IP address is Public and hackers can login into your system. COUNTER MEASURES: To guard against hackers telneting or ftping into your machine and compromising the security of you system do the following: 1. Make ABSOLUTELY certain that each user on your system has a pass word. The password should NOT be easy to guess and should consist of upper, lower case letters and numbers. 2. The root pass word MUST meet the requirements in 1. 3. Make your /etc/passwd file and any pass word encrypted file read/write only by root. 4. Make sure users do not have su to root capabilities I hope this helps. I will welcome comments, suggestions and any other security issues other users have found. Thanks, Angel G. Ortiz 305-973-5022