Re: red worm amusement
> On 20010721.2117, Jacob Meuser said ...
> On Sat, Jul 21, 2001 at 08:21:09PM -0700, Nicole Zimmerman wrote:
> > > > Last I used OpenBSD (2.6) it started portmap and identd by default at
> > > > the very least, maybe fingerd too, I don't remember for sure.
> > > >
> > > The difference is, those were not exploitable.
> > And they are on Debian?
> It seems everyone on this list YELLS at people who leave rpc.statd
> running. I don't know whether it's exploitable or not, I know
> enough to turn it off because I don't use it. I am not talking about
> people who know what they are doing. I am talking about new users
> who have no practical knowledge of the system. I'm talking about
> protecting them from being immediately vulnerable. If people are
> running services, they should know how to start and stop them, right?
I'm with you on this one. I ran 'apt-get install apache' because I
wanted to run it once to configure Samba via SWAT. It irked me that
it started Apache right away and set it up to start each time I
rebooted. Not what I wanted, and I can see your point. I would much
rather be running a system that depended on me to check the config
before a service started, vulnerability or not.