Re: possible intrusion in my box ??????

[Ossama Othman <othman@astrosun.tn.cornell.edu>]

Hi Alain,
 
> anyone know what's this and where to look for security advices and
> the likes (i dont know anymore where to start) ???

You might want to try Secure Shell and perhaps a one time password
package like OPIE.

Take a look at the following URL that has links to security software:

	http://www.cs.hut.fi/ssh/crypto/software.html

On the systems that I run, I have disabled all incoming telnets, ftps, 
rsh/rlogin/rexec/etc, finger, rusers, ident, etc.  The only way in is via
Secure Shell.  Note that outgoing telnets and ftps would still work.  If
you must have incoming telnet and ftp then you leave incoming telnets and
ftps enabled, but you should probably use replacements for them such as
those found in OPIE, SSLtelnet and SSLftp.  OPIE and other one time
password packages has the advantage that the user issuing the telnet
doesn't have to modify his/her telnet program.  SSLtelnet and SSLftp are
encrypting replacements for telnet/d and ftp/d, respectively.  However, to
use SSLtelnet and SSLftp securely both the local and remote machine must
have SSLtelnet installed, for example.  The same goes for Secure Shell.  I
prefer Secure Shell.  A combination of Secure Shell and OPIE seems to work
well, too.

-Ossama 


--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org