[App_rpt-users] What is the "debian" user in the DIAL distro?
Loren Tedford
lorentedford at gmail.com
Mon Jun 5 22:07:59 UTC 2017
Bob the biggest problem is I can't remember where i left off and put most
of my documentation in two forums.. forum.kc9zhv.com and forum.voipham.com you
will just have to dig around and ask me if you come onto some thing whether
i remember anything about it.. Their was so much stuff..
Loren Tedford (KC9ZHV)
Phone:
Fax:
Email: lorentedford at gmail.com
Email: KC9ZHV at KC9ZHV.com
http://www.lorentedford.com
http://www.kc9zhv.com
http://forum.kc9zhv.com
http://hub.kc9zhv.com
http://Ltcraft.net <http://ltcraft.net/>
http://voipham.com
On Mon, Jun 5, 2017 at 5:04 PM, Bob Pyke <k6ecm1 at gmail.com> wrote:
> I would benefit from as much as you'd like to share. :-)
>
> Thanks,
> Bob
>
> Sent from my iPhone
>
> > On Jun 5, 2017, at 2:05 PM, Jeremy Utley <jerutley at gmail.com> wrote:
> >
> > Hello all!
> >
> > Forgive me for thread necromancy on this one! I just today had my hub
> > node compromised - luckily all they did was try to attack SSH on
> > another host (at least that's all I've been able to determine so far).
> > So, I'm going to be rebuilding that Hub node tonite. The reason I
> > post is, I am actually a Linux sys-admin in my day job - would there
> > be any benefit in me doing a write-up on what all steps I take in
> > securing DIAL? At least a high-level overview of what I end up doing
> > that others can build from?
> >
> > Also, I just want to make sure - doing the standard apt-get update /
> > upgrade on DIAL will not break anything, right?
> >
> > Jeremy, NQ0M
> >
> >> On Thu, May 11, 2017 at 11:42 AM, Steve Zingman <szingman at msgstor.com>
> wrote:
> >> Thor,
> >> I agree that things need to be tightened up. Now that the mandate has
> >> changed, those things are changing. I would welcome someone taking on
> the
> >> guidance in system administration piece of the puzzle.
> >>
> >> 73, Steve N4IRS
> >>
> >>
> >>> On 5/11/2017 12:35 PM, Thor Wiegman wrote:
> >>>
> >>> You're not the first person I'm aware of to have this type of problem.
> >>> AllStarLink nodes are an easy target to become bitcoin miners and
> members of
> >>> botnets. Most people installing these nodes don't know the basics of
> Linux
> >>> system administration and the defaults aren't even remotely secure.
> >>>
> >>> Not only should that "debian" user be deleted, the appropriate changes
> to
> >>> SSH need to be made to prevent the superuser "root" from logging in
> >>> remotely. That is one of the first things that everyone needs to be
> change
> >>> after installation of a DIAL system, not sure why it's even allowed by
> >>> default.
> >>>
> >>> I've noticed that a lot of node ops tend to login as root and execute
> >>> commands as the root user. Crazy! It's an extremely dangerous and
> insecure
> >>> thing to do, but people new to Linux don't know any better.
> >>>
> >>> It would be nice if the default installation were setup in such a way
> that
> >>> prevented or discouraged login by the superuser. It's odd that sudo
> doesn't
> >>> appear to be installed by default. Would be very nice if the
> installation
> >>> script prompted for the creation of a user account with proper
> permissions
> >>> in much the same way as standard distros do. Not perfect, but it's a
> start.
> >>>
> >>> Most of these systems are being run by people who are new to Linux.
> They
> >>> don't know about Linux/Unix system administration and nobody is
> "elmering"
> >>> them in it. The result is people taking dangerous shortcuts and
> developing
> >>> bad habits. The community would benefit from some guidance in system
> >>> administration as well as from some improved defaults in the distro.
> >>>
> >>>
> >>>
> >>>> On 05/10/2017 12:38 PM, app_rpt-users-request at lists.allstarlink.org
> wrote:
> >>>>
> >>>> What is the "debian" user in the DIAL distro?
> >>>
> >>>
> >>> _______________________________________________
> >>> App_rpt-users mailing list
> >>> App_rpt-users at lists.allstarlink.org
> >>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users
> >>>
> >>> To unsubscribe from this list please visit
> >>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users
> and
> >>> scroll down to the bottom of the page. Enter your email address and
> press
> >>> the "Unsubscribe or edit options button"
> >>> You do not need a password to unsubscribe, you can do it via email
> >>> confirmation. If you have trouble unsubscribing, please send a message
> to
> >>> the list detailing the problem.
> >>
> >>
> >> _______________________________________________
> >> App_rpt-users mailing list
> >> App_rpt-users at lists.allstarlink.org
> >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users
> >>
> >> To unsubscribe from this list please visit
> >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and
> >> scroll down to the bottom of the page. Enter your email address and
> press
> >> the "Unsubscribe or edit options button"
> >> You do not need a password to unsubscribe, you can do it via email
> >> confirmation. If you have trouble unsubscribing, please send a message
> to
> >> the list detailing the problem.
> > _______________________________________________
> > App_rpt-users mailing list
> > App_rpt-users at lists.allstarlink.org
> > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users
> >
> > To unsubscribe from this list please visit http://lists.allstarlink.org/
> cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of
> the page. Enter your email address and press the "Unsubscribe or edit
> options button"
> > You do not need a password to unsubscribe, you can do it via email
> confirmation. If you have trouble unsubscribing, please send a message to
> the list detailing the problem.
> _______________________________________________
> App_rpt-users mailing list
> App_rpt-users at lists.allstarlink.org
> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users
>
> To unsubscribe from this list please visit http://lists.allstarlink.org/
> cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of
> the page. Enter your email address and press the "Unsubscribe or edit
> options button"
> You do not need a password to unsubscribe, you can do it via email
> confirmation. If you have trouble unsubscribing, please send a message to
> the list detailing the problem.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.keekles.org/pipermail/app_rpt-users/attachments/20170605/fc84b6f8/attachment.html>
More information about the App_rpt-users
mailing list