Remotely edit user disk quota
Kirk Strauser
kirk at strauser.com
Thu May 28 19:44:52 UTC 2009
On Thursday 28 May 2009 02:34:02 pm Wojciech Puchar wrote:
> And yes - i do log as root by "insecure" rsh and telnet.
OK, I'm now promoting you to "batshit insane". Seriously, there's no excuse
for running telnet - even in a "secure" (ha!) environment - when so much
better alternatives exist.
Let me shoot you a hypothetical: your webserver gets compromised. The
intruder uses a little ARP poisoning to launch a MITM attack between your
workstation and the database server. He comes back a couple hours later and
uses your plaintext root password to make a backup of your database for his
personal use.
Oh, but that could never happen to you, because you run a PtP VPN between
every pair of machines on your network, said network being separated from the
Internet by a 2 meter air gap and a Doberman Pinscher.
Seriously, using telnet today is flat-out stupid, and I'd fire you in a second
if you brought that level of bullheaded incompetence into my company.
</rant>
--
Kirk Strauser
More information about the freebsd-questions
mailing list