-
"FTP, which if you read, I use PureFTPd, which SUSE chroots by default, and I have mine set up where you need a log in name and password that I alone have to give you. I don't think I'm exactly opening the door to hackers there."
Okay, butthe password's sent cleartext. The chroot jail _is_ a good thing, but you'll still be left with files possibly being dumped on your machine that don't belong there. Not critical, perhaps, but I sure wouldn't want it!
The biggest problem you can have with all the logs being sent to you is do you have time to read them? I sure as hell don't for my own PC, but for work... well, it's my job, and I make time. This is the point I made about "USE" and "MONITOR". All the detection systems in the world won't help you if you don't read the warning they produce ;-)
Regarding root logging in.... here's a wee tip which I'm sure you (gore) know, but maybe others don't. In /etc/ssh/sshd_configmake sure you have a line reading:
PermitRootLogin no
I have a feeling that this might be the default in SuSE Pro 9.2, but it wasn't in SLES 8!
-
If there is a dude who can get passed two routers with hardware firewall, SUSEFirewall2, and the 4 other firewalled and updated boxes on this LAN, they deserve the account for FTP. It's not accessible onless you are in my house, on my LAN.
-
Quote:
Originally posted here by gore
If there is a dude who can get passed two routers with hardware firewall, SUSEFirewall2, and the 4 other firewalled and updated boxes on this LAN, they deserve the account for FTP. It's not accessible onless you are in my house, on my LAN.
Boo, I'm behind you :D gore stop feeding me all this ****, I'm an old man, these drugs will kill me. Well maybe not :D
-
Why the hell are you using FTP on your own lan?
-
does it matter? maybe he likes the way it feels between his toes.
-
Because backing up 70 gigs of porn and.... 100 gigs of "Completely legal movies and MP3s" not to mention system files, takes a REALLY long time, and a lot of CD-Rs which I don't always have. So I uplpad everything to my FTP server, which can handle 12 gigs in a couple of minutes, and then when I get CD-Rs, I burn them to media.
-
Fair enough, you like FTP.
If you ever decide to work as a sysadmin you'll find that scp will be the preferred option for most file transfers on your machines, and rsync is a really good way of keping directory structures up to date/mirrored. Future reading:
* man scp (note the PPK authorisation and the filecompression)
* man rsync (note you'll now stop uploading files that hven't changed)
One way of ensuring a number of servers have identical configs, and a way of being able to roll back should you screw up is to use CVS or Subversion. I wish I'd found that out earlier!
I've been told that unison (http://www.cis.upenn.edu/~bcpierce/unison/) is a good file synchronisation tool is anyone here finds that rsync's not enoug, or if they have windows hosts. I've never used it, so you'll have to see for yourself.
Enjoy!