AW: [suse-security] a little service question
Dear Mr. Bien, I am surprised by this harsh answer of yours. Until now I was convinced that a mailing list concerning security is to be used when someone has a security-related question. If all users on planet earth would be as "smart" as you are (seem to be) then we would not need such things as mailings-lists. There is always a point where man-pages and faq-lists do not seem to answer one´s question and then it is time to ask other users. Or did I get the point wrong? You can be sure that I took the time to find the answer myself but I think it is not useful to reinvent the wheel over and over again (as a german proverb goes, don´t know the english equivalent)! I would appreciate an answer from you and a statement from the list whether I was "allowed" to ask such a "stupid" question or not. Thank you Rgds Dustin Huptas -----Ursprüngliche Nachricht----- Von: Alexander Bien [mailto:abien@gmx.net] Gesendet: Mittwoch, 6. Dezember 2000 14:23 An: Dustin Huptas Betreff: RE: [suse-security] a little service question www.securityfocus.com read it, understand it, feel it.. and please stop posting msgs like "How do i .." to security mailing lists .. Have a nice day.. -- Mit freundlichen Grüßen Alexander Bien -- PIRONET NDH Alexander Bien - Technical Assistant - SBU Services Josef-Lammerting-Allee 14-18, 50933 Cologne - Germany Tel.: +49 (0)172 7760569 - Fax: +49 (0)221 770 2815 mailto:abien@pironet.com - http://www.pironet.com
-----Original Message----- From: Dustin Huptas [mailto:dustin2010@gmx.de] Sent: Wednesday, December 06, 2000 2:03 PM To: suse-security@suse.com Subject: [suse-security] a little service question
Hello,
I have the following services running:
Port State Service 21/tcp open ftp 22/tcp open ssh 80/tcp open http 111/tcp open sunrpc 113/tcp open auth 510/tcp open fcp 513/tcp open login 514/tcp open shell 515/tcp open printer 973/tcp open unknown 1024/tcp open kdm 3306/tcp open mysql
I do need ftp, ssh, http and mysql in any case. But I don´t know about the other services. I remotely administer this server which is housed at my ISPs place. Does anyone know the other services and if I can disable them? Additionally I need to know hwo to secure the "needed" services.
Any help is appreciated and many thanks in advance!
btw. I already use tcpd to wrap the most of the services.
Rgds Dustin
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
Hi, On Wed, 06 Dec 2000, Dustin Huptas wrote:
I am surprised by this harsh answer of yours.
Sometimes life can get frustrating ...
Until now I was convinced that a mailing list concerning security is to be used when someone has a security-related question. If all users on planet earth would be as "smart" as you are (seem to be) then we would not need such things as mailings-lists. There is always a point where man-pages and faq-lists do not seem to answer oneŽs question and then it is time to ask other users.
Your question is definitely a FAQ. You will find the answer in the Linux Security HOWTO, and if you are following this mailing list on a regular basis, or if you had gone through the mailing list archives at www.suse.com, you would have found that questions like yours have been already answered a gazillion of times, for example today, 6 days ago, ... o.k. here's the answer hint: As a primer, read the Linux Security HOWTO Another good starting point is the book "Securing and Optimizing Linux: Red Hat Edition", which is available as a 5.5MB download from http://www.linuxdoc.org/LDP/gawlso/Securing-Optimizing-Linux-RH-Edition-1_3.... Most of the topics covered there apply to all Linux distros.
Or did I get the point wrong? You can be sure that I took the time to find the answer myself but I think it is not useful to reinvent the wheel over and over again
You're both wrong and right. That's what FAQs are good for: Not reinventing the wheel. The only problem with FAQs is that virtually nobody cares to read them.
(as a german proverb goes, donŽt know the english equivalent)! I would appreciate an answer from you and a statement from the list whether I was "allowed" to ask such a "stupid" question or not.
Of course you are allowed to ask stupid questions, but it does not seem to me that you have spent too much effort for research either. And stating that you already "wrap most services with tcpd" really makes me curious why you shouldn't be able to shut off services like "login" or "shell", as enabling the tcp wrapper requires at least basic knowledge of /etc/inetd.conf ... ;-)
Thank you
Rgds Dustin Huptas
Regards, Martin Leweling -- Martin Leweling Institut fuer Planetologie, WWU Muenster Wilhelm-Klemm-Str. 10, 48149 Muenster, Germany E-Mail (work): lewelin@uni-muenster.de
Hi Dustin,
-----Original Message----- From: Dustin Huptas [mailto:dustin2010@gmx.de] Sent: Wednesday, December 06, 2000 2:33 PM To: suse-security@suse.com Subject: AW: [suse-security] a little service question
Dear Mr. Bien,
I am surprised by this harsh answer of yours.
Did i hurt your feelings? Im sorry. To be true, i am a little on the edge today. But o well, Your question can be answered by reading either the website i pointed u at, or by searching through the archives of this list where Kurt often mentioned his sites and theyr docs. I consider his guide to a secure linux system as very usefull, and so do others. Until now I was
convinced that a mailing list concerning security is to be used when someone has a security-related question. If all users on planet earth would be as "smart" as you are (seem to be) then we would not need such things as mailings-lists.
I dont see the point. All i see is that your trying to fool my ego. This wount make your system secure. There is always a point where man-pages and
faq-lists do not seem to answer one´s question and then it is time to ask other users. Or did I get the point wrong? You can be sure that I took the time to find the answer myself but I think it is not useful to reinvent the wheel over and over again (as a german proverb goes, don´t know the english equivalent)!
Lets say u type "How do i secure my linux system" into a thing like google.. u get a lot of links to VERY usefull howto files.. i bet u did that.
I would appreciate an answer from you and a statement from the list whether I was "allowed" to ask such a "stupid" question or not.
I never said your not allowed to do things. I am not in charge to allow/forbid things on this list. Neither do i think we need a moderator. (Hi Kurt). And while talkign about the re-invented wheel... Questions like "How do i secure my system" cant be answered in 2 sentences. So the best thing is to point u at the docs that will help you, instead of explaining the whole thing over and over again. I dont apreciate you moving our private conversation to a mailing list, and once again buggin people with stuff that has allready been there .. Bottom Line: My answer was a little short. I apologize for my sarcasm (read it, feel it ..etc), which has obviously been misunderstood. Thank you for your time.. Alex
Thank you
Rgds Dustin Huptas
-----Ursprüngliche Nachricht----- Von: Alexander Bien [mailto:abien@gmx.net] Gesendet: Mittwoch, 6. Dezember 2000 14:23 An: Dustin Huptas Betreff: RE: [suse-security] a little service question
www.securityfocus.com read it, understand it, feel it.. and please stop posting msgs like "How do i .." to security mailing lists ..
Have a nice day..
--
Mit freundlichen Grüßen
Alexander Bien
-- PIRONET NDH Alexander Bien - Technical Assistant - SBU Services Josef-Lammerting-Allee 14-18, 50933 Cologne - Germany Tel.: +49 (0)172 7760569 - Fax: +49 (0)221 770 2815 mailto:abien@pironet.com - http://www.pironet.com
-----Original Message----- From: Dustin Huptas [mailto:dustin2010@gmx.de] Sent: Wednesday, December 06, 2000 2:03 PM To: suse-security@suse.com Subject: [suse-security] a little service question
Hello,
I have the following services running:
Port State Service 21/tcp open ftp 22/tcp open ssh 80/tcp open http 111/tcp open sunrpc 113/tcp open auth 510/tcp open fcp 513/tcp open login 514/tcp open shell 515/tcp open printer 973/tcp open unknown 1024/tcp open kdm 3306/tcp open mysql
I do need ftp, ssh, http and mysql in any case. But I don´t know about the other services. I remotely administer this server which is housed at my ISPs place. Does anyone know the other services and if I can disable them? Additionally I need to know hwo to secure the "needed" services.
Any help is appreciated and many thanks in advance!
btw. I already use tcpd to wrap the most of the services.
Rgds Dustin
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
Dear Mr. Bien,
I am surprised by this harsh answer of yours. Until now I was convinced
a mailing list concerning security is to be used when someone has a security-related question. If all users on planet earth would be as "smart" as you are (seem to be) then we would not need such things as mailings-lists. There is always a point where man-pages and faq-lists do not seem to answer one´s question and then it is time to ask other users. Or did I get the point wrong? You can be sure that I took the time to find the answer myself but I think it is not useful to reinvent the wheel over and over again (as a german proverb goes, don´t know the english equivalent)! I would appreciate an answer from you and a statement from the list whether I was "allowed" to ask such a "stupid" question or not.
Thank you
Rgds Dustin Huptas
-----Ursprüngliche Nachricht----- Von: Alexander Bien [mailto:abien@gmx.net] Gesendet: Mittwoch, 6. Dezember 2000 14:23 An: Dustin Huptas Betreff: RE: [suse-security] a little service question
www.securityfocus.com read it, understand it, feel it.. and please stop posting msgs like "How do i .." to security mailing lists ..
Have a nice day..
--
Mit freundlichen Grüßen
Alexander Bien
-- PIRONET NDH Alexander Bien - Technical Assistant - SBU Services Josef-Lammerting-Allee 14-18, 50933 Cologne - Germany Tel.: +49 (0)172 7760569 - Fax: +49 (0)221 770 2815 mailto:abien@pironet.com - http://www.pironet.com
-----Original Message----- From: Dustin Huptas [mailto:dustin2010@gmx.de] Sent: Wednesday, December 06, 2000 2:03 PM To: suse-security@suse.com Subject: [suse-security] a little service question
Hello,
I have the following services running:
Port State Service 21/tcp open ftp 22/tcp open ssh 80/tcp open http 111/tcp open sunrpc 113/tcp open auth 510/tcp open fcp 513/tcp open login 514/tcp open shell 515/tcp open printer 973/tcp open unknown 1024/tcp open kdm 3306/tcp open mysql
I do need ftp, ssh, http and mysql in any case. But I don´t know about
Dear Dustin,
in my opinion Mr. Bien has given the right (short and friendly - not harsh)
answer.
Your questions are very fundamental.
Of course security related but nothing especially for this list.
Some weeks ago I was at the same point like you - questions, questions,
questions.
But there are many very helpful Howtos outside - but you must spend a
little time on it.
Good luck.
Frank
----- Original Message -----
From: "Dustin Huptas"
other services. I remotely administer this server which is housed at my ISPs place. Does anyone know the other services and if I can disable them? Additionally I need to know hwo to secure the "needed" services.
Any help is appreciated and many thanks in advance!
btw. I already use tcpd to wrap the most of the services.
Rgds Dustin
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
Dustin, Here are some links which will help you in your quest: http://www.securityportal.com/ http://www.boran.com/security/index.html http://www.netcologne.de/~meberg/ http://www2.little-idiot.de/firewall/ http://www.robertgraham.com/pubs/firewall-seen.html#2.11 http://www.simovits.com/nyheter9902.html http://www.securityfocus.com http://www.portsdb.org/ Philipp
-----Ursprüngliche Nachricht----- Von: Dustin Huptas [mailto:dustin2010@gmx.de] Gesendet: Mittwoch, 6. Dezember 2000 14:33 An: suse-security@suse.com Betreff: AW: [suse-security] a little service question
Dear Mr. Bien,
I am surprised by this harsh answer of yours. Until now I was convinced that a mailing list concerning security is to be used when someone has a security-related question. If all users on planet earth would be as "smart" as you are (seem to be) then we would not need such things as mailings-lists. There is always a point where man-pages and faq-lists do not seem to answer one´s question and then it is time to ask other users. Or did I get the point wrong? You can be sure that I took the time to find the answer myself but I think it is not useful to reinvent the wheel over and over again (as a german proverb goes, don´t know the english equivalent)! I would appreciate an answer from you and a statement from the list whether I was "allowed" to ask such a "stupid" question or not.
Thank you
Rgds Dustin Huptas
-----Ursprüngliche Nachricht----- Von: Alexander Bien [mailto:abien@gmx.net] Gesendet: Mittwoch, 6. Dezember 2000 14:23 An: Dustin Huptas Betreff: RE: [suse-security] a little service question
www.securityfocus.com read it, understand it, feel it.. and please stop posting msgs like "How do i .." to security mailing lists ..
Have a nice day..
--
Mit freundlichen Grüßen
Alexander Bien
-- PIRONET NDH Alexander Bien - Technical Assistant - SBU Services Josef-Lammerting-Allee 14-18, 50933 Cologne - Germany Tel.: +49 (0)172 7760569 - Fax: +49 (0)221 770 2815 mailto:abien@pironet.com - http://www.pironet.com
-----Original Message----- From: Dustin Huptas [mailto:dustin2010@gmx.de] Sent: Wednesday, December 06, 2000 2:03 PM To: suse-security@suse.com Subject: [suse-security] a little service question
Hello,
I have the following services running:
Port State Service 21/tcp open ftp 22/tcp open ssh 80/tcp open http 111/tcp open sunrpc 113/tcp open auth 510/tcp open fcp 513/tcp open login 514/tcp open shell 515/tcp open printer 973/tcp open unknown 1024/tcp open kdm 3306/tcp open mysql
I do need ftp, ssh, http and mysql in any case. But I don´t know about the other services. I remotely administer this server which is housed at my ISPs place. Does anyone know the other services and if I can disable them? Additionally I need to know hwo to secure the "needed" services.
Any help is appreciated and many thanks in advance!
btw. I already use tcpd to wrap the most of the services.
Rgds Dustin
---------------------------------------------------------------------
To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
Hi, was it possible to add a link "hints", "FAQ" or such next to the suse- security archive link, that contains a short description of what to do before posting? I think that would reduce noise to the list and help people new to this. A searchable archive would be great too. This ML is not only intended to enhance security, but also to make security related things easier. Imagine I have two DNS servers for one domain that has three active e-mail accounts. There are more than 2000 MX requests per hour to the DNS servers for these accounts with about 5 real e-mail messages per hour delivered to one of these accounts. I would check the configuration of the systems, than browse the archives of the MTA, DNS servers, OS, security sites .... , that would take half a day or the whole day. It took only 5 mins to post a message to this ML, and about 30 mins to get an answer, that even if not solving this problem gave me the security that my system does not suffer from a known security hole. That leaves me with a lot of traffic but I still could sleep that night without fearing an intruder (if I could before :)) Is it really so much harder to answer frendly than it is to answer unfrendly? mike
participants (6)
-
Alexander Bien
-
Dustin Huptas
-
Frank Stuehmer
-
Martin Leweling
-
Philipp Snizek
-
Thomas Michael Wanka