[App_rpt-users] What is the "debian" user in the DIAL distro?
Jeremy Utley
jerutley at gmail.com
Mon Jun 5 21:05:10 UTC 2017
Hello all!
Forgive me for thread necromancy on this one! I just today had my hub
node compromised - luckily all they did was try to attack SSH on
another host (at least that's all I've been able to determine so far).
So, I'm going to be rebuilding that Hub node tonite. The reason I
post is, I am actually a Linux sys-admin in my day job - would there
be any benefit in me doing a write-up on what all steps I take in
securing DIAL? At least a high-level overview of what I end up doing
that others can build from?
Also, I just want to make sure - doing the standard apt-get update /
upgrade on DIAL will not break anything, right?
Jeremy, NQ0M
On Thu, May 11, 2017 at 11:42 AM, Steve Zingman <szingman at msgstor.com> wrote:
> Thor,
> I agree that things need to be tightened up. Now that the mandate has
> changed, those things are changing. I would welcome someone taking on the
> guidance in system administration piece of the puzzle.
>
> 73, Steve N4IRS
>
>
> On 5/11/2017 12:35 PM, Thor Wiegman wrote:
>>
>> You're not the first person I'm aware of to have this type of problem.
>> AllStarLink nodes are an easy target to become bitcoin miners and members of
>> botnets. Most people installing these nodes don't know the basics of Linux
>> system administration and the defaults aren't even remotely secure.
>>
>> Not only should that "debian" user be deleted, the appropriate changes to
>> SSH need to be made to prevent the superuser "root" from logging in
>> remotely. That is one of the first things that everyone needs to be change
>> after installation of a DIAL system, not sure why it's even allowed by
>> default.
>>
>> I've noticed that a lot of node ops tend to login as root and execute
>> commands as the root user. Crazy! It's an extremely dangerous and insecure
>> thing to do, but people new to Linux don't know any better.
>>
>> It would be nice if the default installation were setup in such a way that
>> prevented or discouraged login by the superuser. It's odd that sudo doesn't
>> appear to be installed by default. Would be very nice if the installation
>> script prompted for the creation of a user account with proper permissions
>> in much the same way as standard distros do. Not perfect, but it's a start.
>>
>> Most of these systems are being run by people who are new to Linux. They
>> don't know about Linux/Unix system administration and nobody is "elmering"
>> them in it. The result is people taking dangerous shortcuts and developing
>> bad habits. The community would benefit from some guidance in system
>> administration as well as from some improved defaults in the distro.
>>
>>
>>
>> On 05/10/2017 12:38 PM, app_rpt-users-request at lists.allstarlink.org wrote:
>>>
>>> What is the "debian" user in the DIAL distro?
>>
>>
>> _______________________________________________
>> App_rpt-users mailing list
>> App_rpt-users at lists.allstarlink.org
>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users
>>
>> To unsubscribe from this list please visit
>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and
>> scroll down to the bottom of the page. Enter your email address and press
>> the "Unsubscribe or edit options button"
>> You do not need a password to unsubscribe, you can do it via email
>> confirmation. If you have trouble unsubscribing, please send a message to
>> the list detailing the problem.
>
>
> _______________________________________________
> App_rpt-users mailing list
> App_rpt-users at lists.allstarlink.org
> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users
>
> To unsubscribe from this list please visit
> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and
> scroll down to the bottom of the page. Enter your email address and press
> the "Unsubscribe or edit options button"
> You do not need a password to unsubscribe, you can do it via email
> confirmation. If you have trouble unsubscribing, please send a message to
> the list detailing the problem.
More information about the App_rpt-users
mailing list