[Hudlug] Fwd: Re: [newbie] MLdonkey

[Tim]

Chris Wood wrote:

>
>
> They are still laying themselves open to script kiddies to brute force 
> the
> root account password. Unlikely, yes, but if someone tries brute forcing
> hard enough, they could cause a DoS agaibst the telnet daemon, and hence
> noone else would be able to log in.


In the case of Mldonkey though, there is no telnet daemon running, only 
the mldonkey daemon.  (which may also have security issues, but only to 
the level of the the account running the daemon.

> Badly set up SMTP servers are of course yet another issue altogether. 
> We'd
> all get less spam if people made sure their mail servers were not set 
> up as
> open relays...


It still amazes me that vednors still ship smtp servers in open mode.

Rather than the way that all the debian ones are, which is completely 
closed until you've worked out what you are doing.


Tim