[plug] Rubbing salt into the wounds...
Leon Brooks
leon at brooks.fdns.net
Sat Apr 6 22:11:17 WST 2002
Quote from t2c in the MandrakeForum article about the canary Mandrake 8.2 box
(soon to be joined by a SuSE 7.3 box):
[Security] is set to the lowest setting that was available
during a standard install.
I also started up as many services as were possible on the
box after deployment.
That's 7 days so far... I wonder if an unfirewalled Windows 2000 default
install at ``the lowest setting that was available'' and with ``as many
services as possible'' started would last as long as 7 minutes, invite or
not. (-:
My nmap says they started:
* a webserver with HTTPS (identifies itself as
``Apache-AdvancedExtranetServer/1.3.23 (Mandrake Linux/4mdk)
mod_ssl/2.8.7 OpenSSL/0.9.6c'');
* ftp server (identifies itself as ProFTPd 1.2.5rc1);
* ssh server (would be openssh-3.1p1);
* DNS (would be bind 9.2.0);
* SaMBa (2.2.3a?);
* NFS; and
* kdm listening on TCP, plus
* ...no new services on UDP.
Perhaps I should tell them about tftp, LinuxConf, WebMin, ircd, ntalk and the
many other goodies that ship with Mandrake 8.2? (-:
Cheers; Leon
More information about the plug
mailing list