Possible security problem, need information...
Neil Rickert
rickert at mp.cs.niu.edu
Thu Mar 21 04:39:22 AEST 1991
In article <1991Mar20.165442.7210 at ux1.cso.uiuc.edu> edotto at ux1.cso.uiuc.edu (Ed Otto) writes:
>
>But seriously,I think that this is not a problem as mine is the same way.
Don't assume that just because your system comes standardly set up in a
certain way, there are no problems with that setup. Vendors are notorious
for providing systems which are highly secure when set up on a private
network with only one user, but in which security breaks down in more
practical environments.
As an example, at least one has made a practice of supplying systems with
a default setup such that if you connect the system to Internet and make
a DNS resolver function available in the recommended way, just about anyone
with root access on any Internet machine can quickly break in. For all I
know they are still supplying systems with this setup.
--
=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
Neil W. Rickert, Computer Science <rickert at cs.niu.edu>
Northern Illinois Univ.
DeKalb, IL 60115 +1-815-753-6940
More information about the Comp.unix.admin
mailing list