[App_rpt-users] What is the "debian" user in the DIAL distro?
Bob Pyke
k6ecm1 at gmail.com
Mon Jun 5 22:04:08 UTC 2017
I would benefit from as much as you'd like to share. :-)
Thanks,
Bob
Sent from my iPhone
> On Jun 5, 2017, at 2:05 PM, Jeremy Utley <jerutley at gmail.com> wrote:
>
> Hello all!
>
> Forgive me for thread necromancy on this one! I just today had my hub
> node compromised - luckily all they did was try to attack SSH on
> another host (at least that's all I've been able to determine so far).
> So, I'm going to be rebuilding that Hub node tonite. The reason I
> post is, I am actually a Linux sys-admin in my day job - would there
> be any benefit in me doing a write-up on what all steps I take in
> securing DIAL? At least a high-level overview of what I end up doing
> that others can build from?
>
> Also, I just want to make sure - doing the standard apt-get update /
> upgrade on DIAL will not break anything, right?
>
> Jeremy, NQ0M
>
>> On Thu, May 11, 2017 at 11:42 AM, Steve Zingman <szingman at msgstor.com> wrote:
>> Thor,
>> I agree that things need to be tightened up. Now that the mandate has
>> changed, those things are changing. I would welcome someone taking on the
>> guidance in system administration piece of the puzzle.
>>
>> 73, Steve N4IRS
>>
>>
>>> On 5/11/2017 12:35 PM, Thor Wiegman wrote:
>>>
>>> You're not the first person I'm aware of to have this type of problem.
>>> AllStarLink nodes are an easy target to become bitcoin miners and members of
>>> botnets. Most people installing these nodes don't know the basics of Linux
>>> system administration and the defaults aren't even remotely secure.
>>>
>>> Not only should that "debian" user be deleted, the appropriate changes to
>>> SSH need to be made to prevent the superuser "root" from logging in
>>> remotely. That is one of the first things that everyone needs to be change
>>> after installation of a DIAL system, not sure why it's even allowed by
>>> default.
>>>
>>> I've noticed that a lot of node ops tend to login as root and execute
>>> commands as the root user. Crazy! It's an extremely dangerous and insecure
>>> thing to do, but people new to Linux don't know any better.
>>>
>>> It would be nice if the default installation were setup in such a way that
>>> prevented or discouraged login by the superuser. It's odd that sudo doesn't
>>> appear to be installed by default. Would be very nice if the installation
>>> script prompted for the creation of a user account with proper permissions
>>> in much the same way as standard distros do. Not perfect, but it's a start.
>>>
>>> Most of these systems are being run by people who are new to Linux. They
>>> don't know about Linux/Unix system administration and nobody is "elmering"
>>> them in it. The result is people taking dangerous shortcuts and developing
>>> bad habits. The community would benefit from some guidance in system
>>> administration as well as from some improved defaults in the distro.
>>>
>>>
>>>
>>>> On 05/10/2017 12:38 PM, app_rpt-users-request at lists.allstarlink.org wrote:
>>>>
>>>> What is the "debian" user in the DIAL distro?
>>>
>>>
>>> _______________________________________________
>>> App_rpt-users mailing list
>>> App_rpt-users at lists.allstarlink.org
>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users
>>>
>>> To unsubscribe from this list please visit
>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and
>>> scroll down to the bottom of the page. Enter your email address and press
>>> the "Unsubscribe or edit options button"
>>> You do not need a password to unsubscribe, you can do it via email
>>> confirmation. If you have trouble unsubscribing, please send a message to
>>> the list detailing the problem.
>>
>>
>> _______________________________________________
>> App_rpt-users mailing list
>> App_rpt-users at lists.allstarlink.org
>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users
>>
>> To unsubscribe from this list please visit
>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and
>> scroll down to the bottom of the page. Enter your email address and press
>> the "Unsubscribe or edit options button"
>> You do not need a password to unsubscribe, you can do it via email
>> confirmation. If you have trouble unsubscribing, please send a message to
>> the list detailing the problem.
> _______________________________________________
> App_rpt-users mailing list
> App_rpt-users at lists.allstarlink.org
> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users
>
> To unsubscribe from this list please visit http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button"
> You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem.
More information about the App_rpt-users
mailing list