Xref: utzoo alt.security:773 comp.protocols.tcp-ip:11593 alt.sys.sun:958
Path: utzoo!attcan!uunet!unisoft!greywolf
From: greywolf@unisoft.UUCP (The Grey Wolf)
Newsgroups: alt.security,comp.protocols.tcp-ip,alt.sys.sun
Subject: Re: anonymous ftp, and the dangers thereof
Message-ID: <3023@unisoft.UUCP>
Date: 6 Jun 90 23:25:08 GMT
References: <1990Apr20.192233.4092@utzoo.uucp> <6721@blake.acs.washington.edu> <BT+2NO5xds13@ficc.uu.net> <PMY$TW?@b-tech.uucp>
Reply-To: greywolf@unisoft.UUCP (The Grey Wolf)
Organization: UniSoft Corporation (SVR4 on a *what*?)
Lines: 27

In article <PMY$TW?@b-tech.uucp> zeeff@b-tech.ann-arbor.mi.us (Jon Zeeff) writes:
>All this emphasis on turning off tftp and waiting for shadow password 
>files may be clouding the simpler and more effective solution.  Force 
>users to pick good passwords!  Something with some non-alpha 
>characters and mixed case (not the first letter capital).  
>
>Neither turning off tfpd or even shadow passwords will protect you from 
>local users or people who used to have root.

I'm rather new to some of this stuff, so please excuse my ignorance.

To what extent does one disable tftp (or did the original user mean
anonymous ftp)?

If, indeed, one disables tftp, why is this done?  tftp is about the only
way to boot a machine over the network if one needs to reformat the local
disk, and we don't have QIC drives or 9-track drives for every machine, and
hooking them up/disconnecting them is a pain in the ass.  I'd much rather
not have to move the workstation if I can avoid it.

Please don't flame me about hardware or the inadequacies of our setup;
it would be a waste of time and it would completely beg the question.

-- 
MORALITY IS THE BIGGEST DETRIMENT TO OPEN COMMUNICATION.
/earth: minimum percentage of free space changes from 10% to 0%
should optimize for space^H^H^H^H^Hintelligence with minfree < 10%