
BLU Discuss list archive



I think I was sniffed?



Today, Ron Peterson gleaned this insight:

> > It could still be a forged IP address.
> 
> I'm curious.  How would someone go about forging an IP address in a mail
> header?  I would actually prefer to think that's what happened. 
> Otherwise I have to think someone stole my password, probably by
> compromising my ISP.  Which means this could easily happen again.  Yuck.

Well there are a couple of ways I can think of off the top of my head, but
I'm not going to tell you.  If you're really interested, go get Maximum
Linux Security or start trolling rootshell.com or other such places where 
the script kiddies go to get their exploits.

> > Furthermore, if you are running sendmail on your laptop, STOP!
> 
> Hmm.  I see why you say that.  I like using my laptop for screwing
> around development type stuff before launching stuff on my company's
> servers, though.  I think I'd rather just try to do what I can to make
> sure I'm running sendmail securely, than shutting it off completely. 
> But feel free to persuade me that I'm bonkers...

Well, I say it because it has historically been one of the larger sources
of break-ins on Unix systems, and if you don't take steps to secure your
installation of it, your laptop could be broken into next.

More importantly, you simply don't need it.  You only NEED sendmail
running if you are receiving mail at your local machine directly via SMTP
from other SMTP servers. If you're on a laptop, it's nearly a certainty
that that is NOT the case. 

To send mail out from your local machine, you do NOT need to run sendmail.
Mailers which need it will run a copy of sendmail specifically to send the
messages out, and then die.  Why waste system resources AND add potential
vulnerability to attack when you don't need to?

The only conceivable reason to run it on a laptop is, as you've said, so
you can learn about how to configure and manage it, but even in that case 
you're still best off only running it when you need to, rather than making
it run all the time.  Most people leave it on either because they don't
know they don't need it, or (as in my case) they're too lazy to shut it
off...  :)


> Things could be much worse.  I'm going to consider this a wake up call,
> though, and begin learning all I can about how to thoroughly secure and
> monitor my systems.

Good idea.  I highly recommend _Maximum_Linux_Security_ by "Anonymous" as
a resource.  Don't be thrown off by the author's desire not to be
identified, the book is EXCELLENT.  


-- 
---------------------------------------------------------------
Derek D. Martin              |  Unix/Linux Geek
ddm at MissionCriticalLinux.com |  derek at cerberus.ne.mediaone.net
---------------------------------------------------------------
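The check behind the "you only NEED sendmail running if you are receiving mail directly via SMTP" point above, as an added example that is not part of the original message: a small POSIX sh script that looks at the host's listening-socket table for anything bound to TCP port 25, and shows the one-shot sendmail invocation a mailer uses to send without a daemon. It assumes a Linux host with iproute2's `ss` (falling back to net-tools' `netstat`); the two socket tables embedded below are constructed samples so the listener check can be exercised offline.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes `ss` (iproute2) or
# `netstat` (net-tools) is installed; the sample tables are constructed.

# Report whether a socket table on stdin (output of `ss -ltn` or
# `netstat -ltn`) contains a TCP listener on port 25.
# Returns 0 if one is found, 1 otherwise.
smtp_listener_present() {
    # The local-address column looks like 0.0.0.0:25, [::]:25 or *:25.
    # Require ":25" followed by whitespace so ports such as 2525 or 250
    # do not match.
    grep -Eq '(^|[[:space:]])[^[:space:]]+:25[[:space:]]'
}

# Run the same check against the live host. Add -p (as root) to either
# command if you also want the name of the process holding the socket.
check_live_host() {
    { command -v ss >/dev/null 2>&1 && ss -ltn || netstat -ltn; } \
        | smtp_listener_present
}

# Constructed sample: what `ss -ltn` prints while sendmail runs as a
# daemon (sendmail -bd), i.e. the laptop is accepting inbound SMTP.
SAMPLE_WITH_DAEMON='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      10     0.0.0.0:25         0.0.0.0:*
LISTEN 0      128    127.0.0.1:631      0.0.0.0:*'

# Constructed sample: the same host with the daemon stopped. The listener
# on 2525 is there to show the port match is exact.
SAMPLE_NO_DAEMON='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    127.0.0.1:631      0.0.0.0:*
LISTEN 0      128    0.0.0.0:2525       0.0.0.0:*'

# The path a mail client uses to send: sendmail -t reads the message from
# stdin, takes the recipients from its headers, hands the message off (or
# queues it) and exits. No daemon has to be listening for this to work.
send_one_shot() {
    printf 'To: %s\nSubject: test message\n\nhello from the laptop\n' "$1" \
        | sendmail -t
}
```

Run `check_live_host && echo "something is listening on :25"` on the laptop in question; if it prints nothing, nothing is accepting inbound SMTP, and `send_one_shot user@example.com` still goes out because the mailer spawns sendmail per message rather than talking to a resident daemon.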




