Mailing List Archive

Support open source code!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ramen worm

On 19-Jan-2001 Joerg Winkelmann wrote:
> There will be always bugs and there will also be always
> many people using Linux on personal computers not bothering
> too much to install all security patches immediately.
> Therefore the default configurations of Linux distributions
> should be as secure as possible, and this is the point where,
> in my opinion, RedHat ( and other distributors) have failed.
> Why are these daemons (rpc.statd, ftpd) running at all in a
> default configuration?

Well, ftp is very useful in some cases, especially for anonymous access to
files. I'm running an anonymous ftp server on my machine so my students can get
access to the data files for the class. The vulnerability in ftp was fixed a
long time ago, so protecting your system from this worm is merely a matter of
updating the wu-ftpd package (and the nfs-utils package to fix the rpc.statd
vulnerability), or, as I did, installing the proftpd ftp server.
______________________________________________________________________
Stuart Luppescu         -=-=-  University of Chicago
$(B:MJ8$HCRF`H~$NIc(B        -=-=-  s-luppescu@example.com
http://www.consortium-chicago.org/people/sl.html
Finger sl70@example.com forPGP Public Key
ICQ #21172047  AIM: psycho7070
Eloquence is logic on fire.
>> Sent on 19-Jan-2001 at 08:40:23 with xfmail
Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links