wear-hards, I have had some really bad experiences with hackers in the past year. I want to warn you that if you do default linux installs and connect your wearable to the net, you are opening yourself up for attack. I therefore want to suggest that if your wearable (or any linux box) connects to the net, you need to turn of the various daemons that allow TCP connections! All you have to do is edit your /etc/inetd.conf file and comment out all of those daemons with a # character (telnet, ftp, pop3, etc). Note that shutting off these daemons for telnet, ftp, finger, etc do NOT stop you from accessing other machines with these same tools, they only stop people from breaking IN, which is what you want to stop. I think it's a big mistake for distros like redhat to default these daemons to be running all the time on initial install. If you haven't turned these off, do it now! You might also consider editing your /etc/hosts.deny file and adding a line that says ALL: ALL. If you want to grant access to selective machines or domains, you can add an entry in your /etc/hosts.allow that says ALL: IPaddress or domain. You can even set up "booby traps" such that attempts to telnet to your machine will invoke a finger, and send an email to you indicating who the creep is. Details on how to do this can be found by doing a "man hosts.deny" command. Don't wait until punky creates his owns login ID on your wearable and starts hacking other people's machines (esp DOD) using your wearable! Comment out those nasty daemons in your inetd.conf right now, all of them ... -- Doug ------------------------------------------------------------ Grow your own Wearables: http://wearables.los-gatos.net What I'd like is to have you call me and my jacket answers ------------------------------------------------------------ -- Subscription/unsubscription/info requests: send e-mail with subject of "subscribe", "unsubscribe", or "info" toWear-Hard Mailing List Archive (searchable): http://wearables.blu.org please, Please, *PLEASE* don't subscribe through a forward/false domain
From Wear-Hard Mailing list Archive (WH)
Maintained by R. Paul McCarty
Archive created with babymail