[nos-bbs] Questions related to JNOS 1.11f

(Skip) K8RRA k8rra at ameritech.net
Sat Apr 7 11:52:55 EDT 2007 

It's arguable that crackers are in their right mind Barry, giving Norton
and McAfee something to do and sell.
You are very right in the sense that there is little honey in the pot to
attract them to jnos installations.

On Sat, 2007-04-07 at 11:00 +0200, Miroslav Skoric (YT7MPB) wrote:

> Barry Siegfried wrote:
> > 
> > Sure it is possible for somebody to do that.  But who in his right mind
> > would actually waste his time doing that?
> > 
> 
> I don't know but I want to ensure that my mailbox is secured in that 
> manner and I want to be sure I am the only person supposed to access my 
> system's configuration files. In fact, I saw various types of 
> permissions granted to 'ftpusers' and wonder if I have put things in the 
> right place.

On a Microsoft platform, the opsys offers nothing toward security.
On unix and Mac platforms, the opsys offers features that are not
utilized.
Security is strictly a jnos feature - what jnos offers is the only game
in town.

The good news is that the amateur community seems pretty safe to operate
with.
The bad news is that the amateur community is not exclusive - non-hams
have access if they care to.
If you have configured all file access for users in /public and below
then directories above /public are not accessible and jnos replies
"permission denied".
But the sysop has access to all files on the host - even outside jnos
root directory.
So (like unix) the operating advise is to use sysop a minimum and the
user a maximum.
And especially keep the sysop passwords private and changing.
Plus - since the "@" password is not encrypted is is well not to use the
feature on the air.

If your work results in a very secure jnos, you might consider sharing
your approach?
Best of luck Misko.

> 
> Regards,
> 
> Misko YT7MPB
> 
> 
> 
> 
> _______________________________________________
> nos-bbs mailing list
> nos-bbs at lists.tapr.org
> https://lists.tapr.org/cgi-bin/mailman/listinfo/nos-bbs


73
de [George (Skip) VerDuin] K8RRA k
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.tapr.org/pipermail/nos-bbs_lists.tapr.org/attachments/20070407/aafcc0f3/attachment.html>

More information about the nos-bbs mailing list