[App_rpt-users] What is the "debian" user in the DIAL distro?

Bob Pyke k6ecm1 at gmail.com
Mon Jun 5 22:04:08 UTC 2017 

I would benefit from as much as you'd like to share. :-)

Thanks,
Bob

Sent from my iPhone

> On Jun 5, 2017, at 2:05 PM, Jeremy Utley <jerutley at gmail.com> wrote:
> 
> Hello all!
> 
> Forgive me for thread necromancy on this one!  I just today had my hub
> node compromised - luckily all they did was try to attack SSH on
> another host (at least that's all I've been able to determine so far).
> So, I'm going to be rebuilding that Hub node tonite.  The reason I
> post is, I am actually a Linux sys-admin in my day job - would there
> be any benefit in me doing a write-up on what all steps I take in
> securing DIAL?  At least a high-level overview of what I end up doing
> that others can build from?
> 
> Also, I just want to make sure - doing the standard apt-get update /
> upgrade on DIAL will not break anything, right?
> 
> Jeremy, NQ0M
> 
>> On Thu, May 11, 2017 at 11:42 AM, Steve Zingman <szingman at msgstor.com> wrote:
>> Thor,
>> I agree that things need to be tightened up. Now that the mandate has
>> changed, those things are changing. I would welcome someone taking on the
>> guidance in system administration piece of the puzzle.
>> 
>> 73, Steve N4IRS
>> 
>> 
>>> On 5/11/2017 12:35 PM, Thor Wiegman wrote:
>>> 
>>> You're not the first person I'm aware of to have this type of problem.
>>> AllStarLink nodes are an easy target to become bitcoin miners and members of
>>> botnets.  Most people installing these nodes don't know the basics of Linux
>>> system administration and the defaults aren't even remotely secure.
>>> 
>>> Not only should that "debian" user be deleted, the appropriate changes to
>>> SSH need to be made to prevent the superuser "root" from logging in
>>> remotely.  That is one of the first things that everyone needs to be change
>>> after installation of a DIAL system, not sure why it's even allowed by
>>> default.
>>> 
>>> I've noticed that a lot of node ops tend to login as root and execute
>>> commands as the root user.  Crazy!  It's an extremely dangerous and insecure
>>> thing to do, but people new to Linux don't know any better.
>>> 
>>> It would be nice if the default installation were setup in such a way that
>>> prevented or discouraged login by the superuser.  It's odd that sudo doesn't
>>> appear to be installed by default.  Would be very nice if the installation
>>> script prompted for the creation of a user account with proper permissions
>>> in much the same way as standard distros do.  Not perfect, but it's a start.
>>> 
>>> Most of these systems are being run by people who are new to Linux.  They
>>> don't know about Linux/Unix system administration and nobody is "elmering"
>>> them in it.  The result is people taking dangerous shortcuts and developing
>>> bad habits.  The community would benefit from some guidance in system
>>> administration as well as from some improved defaults in the distro.
>>> 
>>> 
>>> 
>>>> On 05/10/2017 12:38 PM, app_rpt-users-request at lists.allstarlink.org wrote:
>>>> 
>>>> What is the "debian" user in the DIAL distro?
>>> 
>>> 
>>> _______________________________________________
>>> App_rpt-users mailing list
>>> App_rpt-users at lists.allstarlink.org
>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users
>>> 
>>> To unsubscribe from this list please visit
>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and
>>> scroll down to the bottom of the page. Enter your email address and press
>>> the "Unsubscribe or edit options button"
>>> You do not need a password to unsubscribe, you can do it via email
>>> confirmation. If you have trouble unsubscribing, please send a message to
>>> the list detailing the problem.
>> 
>> 
>> _______________________________________________
>> App_rpt-users mailing list
>> App_rpt-users at lists.allstarlink.org
>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users
>> 
>> To unsubscribe from this list please visit
>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and
>> scroll down to the bottom of the page. Enter your email address and press
>> the "Unsubscribe or edit options button"
>> You do not need a password to unsubscribe, you can do it via email
>> confirmation. If you have trouble unsubscribing, please send a message to
>> the list detailing the problem.
> _______________________________________________
> App_rpt-users mailing list
> App_rpt-users at lists.allstarlink.org
> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users
> 
> To unsubscribe from this list please visit http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button"
> You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem.

More information about the App_rpt-users mailing list