[TAG] (forw) Re: (forw) Re: lpr works for user not root in Basiclinux 2.1
Sindi Keesan
keesan at grex.cyberspace.org
Sun Jan 28 02:35:11 MSK 2007
On Sat, 27 Jan 2007, Neil Youngman wrote:
> On or around Saturday 27 January 2007 15:16, Sindi Keesan reorganised a bunch
> of electrons to form the message:
>> Okay. A friend said they could sniff my packets for my login and
>> password. But how would they put any files onto my machine? I am not
>> running lpd, telnetd, ftpd or even httpd. Can they transfer files when I
>> simply run pppd and ssh or lynx?
> If your ssh package provides scp or sftp, then yes, if they've cracked your
> machine they would be able to copy stuff onto it.
My 'package' consists of ssh.gz and ssh.1 (man page).
>> We have an nmap add-on for scanning hosts on the network and determining
>> which services they are running. Downloaded it. No documentation.
>> 101 pages of man page online. I don't understand much of it.
>>
>> nmap -A -T4 127.0.0.1 (localhost)
>> All 1663 scanned ports are closed.
>
> I'm no expert either, but I would say that's encouraging.
The author of our distribution said to try this while running X (which is
a server) and port 6000 was then open. I don't normally run X while I am
online. Should I unload X before using ssh or lynx from a console? He
advises using our X browser Opera as user. I could also load Xvesa as
user.
> Neil
>
Sindi Keesan
More information about the TAG
mailing list