Julie Xu writes:
> Our squid proxy server is in the host which there are no other users or
> clients in it. but yesterday someone has successfully telneted to this
> host. My question is if it is possible that squid allowed some type of
> telnet?
It shouldn't be possible for them to get a login shell, if that is what
you mean...
> Any comments will be appreciated.
We don't run inetd on any of our servers here, instead we run sshd,
which allows for encrypted sessions and machine authentication...
ftp://ftp.is.co.za/security/network/ssh/
There is a commercial windows version from http://www.datafellows.com/
This would at least stop people from guessing passwords and so on,
if there is a bug in squid that allows people to spawn a login shell
it won't help at all.
Oskar
Received on Wed Jun 18 1997 - 23:52:47 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:35:32 MST