Hi gurus,
I have a user who wishes to boot a NCD diskless terminal off our main
group server via tftp (trivial FTP). From what system admin books I have
to hand, I gather there are some notorious security holes associated with
tftp, for example tftp does not require an account or password.
Furthermore, files can be written by all users on all hosts that can be
reached through the network if they already exist and are publicly
writable.
However, the user has an option to boot from another workstation outside
of our group and which am I am not responsible for. Would this be a better
option? Or would this allow further potential malice activities?
What are other administrator thoughts? Should I be paranoid?
Summary to follow.
Regards,
Rich
/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/ _ \_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\
/_/ Richard A Bemrose /_\ Polymers and Colloids Group \_\
/_/ email: rb237_at_phy.cam.ac.uk /_\ Cavendish Laboratory \_\
/_/ Tel: +44 (0)1223 337 267 /_\ University of Cambridge \_\
/_/ Fax: +44 (0)1223 337 000 /_\ Madingley Road \_\
/_/ (space for rent) / \ Cambridge, CB3 0HE, UK \_\
/_/_/_/_/_/_/
http://www.poco.phy.cam.ac.uk/~rb237 \_\_\_\_\_\_\
"Life is everything and nothing all at once"
-- Billy Corgan, Smashing Pumpkins
Received on Wed Jul 15 1998 - 17:20:59 NZST