Re: security for a home system
Joe Hart wrote in Article <[🔎] 462A6C21.9080500@orange.nl> posted to
gmane.linux.debian.user:
> Douglas Allan Tutty wrote:
>> On Sat, Apr 21, 2007 at 09:14:27PM +0200, Joe Hart wrote:
>>> Douglas Allan Tutty wrote:
>>>> If I need to run a backup, other than it being 'proper', why not just
>>>> login as root instead of myself and su?
>>> That is what I do, but I make sure that the internet is down when I do
>>> that, so there is no chance of someone coming in, or anything going out
>>> while I am backing up, just a safety precaution. One can never be too
>>> careful.
>>
>> How does running a backup as root make it more likely that someone can
>> come in from the net and get root?
>
> To be honest, I don't know, but I do know that if you leave a tty just
> sitting around logged in a root, it is a bad idea. Perhaps I am just
> being too cautious.
That's not too cautious at all. More like up there with clearing the
chamber and unloading a gun when not in use.
> I would think that anyone hacking into my system would face a login
> prompt, but who knows? I'm not running a ssh daemon, so it I don't see
> what would give them such prompt, and my firewall should block anyone
> attempting to come in, but I also know that there are some really weird
> hacks out there and people who can do things like surf the web while
> tunneling through an IMCP connection (becuase ping is open) can do some
> pretty tricky things and I know if I pull the plug, there's no way
> anything can get in.
That's a new one on me. Cite?
--
Paul Johnson
Email and IM (XMPP & Google Talk): baloo@ursine.ca
Reply to: