[rescue] SSH, Security and the single SGI

Wes Will wwill at siu.edu
Tue Mar 30 12:46:23 CST 2004


>So, if I enable tftp and a font server, Samba, and other stuff on the
>Challenge, am I somehow lessening its security?
>
>-Shel

Of course you are "lessening" it, but with careful attention on more than a
random basis, the impact should be within an acceptable limit of risk.  Get
and compile the latest binaries, and patch 'em once in a while.  Use decent
passwords and insist that your user accounts do too.  Look through your log
files regularly to see if anything has been breached.  (There are packages
to make this a more possible chore, and there ought to be about as many
opinions on which is 'better' as there are sysadmins on this list...)  Look
into intrusion detection software and managers (like Tripwrire for instance).

You should be just fine, if you pay attention.

--
wes will



More information about the rescue mailing list