Security on the 3B1
Kris A. Kugel
kak at hico2.UUCP
Mon Mar 5 16:05:33 AEST 1990
For the most part, I believe most of the 3b1/7300 owners
out there have fixed the most blatent security holes on
their systems (logins without passwords, and *VERY* serious
permissions holes)
I recently restored my 3B1 from scratch, and typed (by hand)
a security audit shell program from the book, "UNIX SYSTEMS SECURITY".
Given the time and effort it took to type and debug the damn
thing in, it seems to me that I could save some other poor souls
the effort by making some kinda information available.
Now, I can:
1. post the results of the security audit to the world
(possibly creating awareness of the holes to those
we would rather stay ignorant, and before the holes can be fixed)
2. post the security auditing program (probably violating copyright)
3. mail the results to anybody who requests them
(assumes some kinda tracking of who gets it is better than nothing,
not all that much safer, and a pain in the butt for me)
Seems to me we already had something like this discussion, but I forgot
the concensus opinion (if there was one).
I'm kinda leaning towards #1 myself. Any opinions?
Kris A. Kugel
(201) 842-2707
{uunet,att,rutgers}!westmark <--daily
{ssbn,zorch,zinn,ditka,daver,attdso} <--semi-daily
{wldrdg}!hico2!kak <--maybe
{stc-auts} <--seems dead for 9600
More information about the Comp.sys.att
mailing list