-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
NotDashEscaped: You need GnuPG to verify this message

On Fri, 12 Dec 2003 16:59:34 -0800, Adams-Blake Company <atakeoutcanton@adams-blaketakeout.com> wrote:
> I gotta tell ya. I was really freaked thinking I'd left a root login "open"
> for three weeks while connected to the net. Isn't that a direct invitation
> to be hacked to death?

Leaving a terminal open with root logged in to it isn't, AFAIK, any more
of a security threat from the outside than not having one open. It's
running clients and things that might contain exploits that can give you
problems.

Once they got to the point they were able to take control of your root's
login session, you're pretty much screwed already. :-)

--
Rob | If not safe,
Email and Jabber: | one can never be free.
athlonrob at axpr dot net |
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQE/2m/Thm6KEoOOAe0RAkfFAKCvCEg5VWZ3rID4M5JkvbDWR3G6qgCgv 6eg
ZeolkTnPK/MuC91+DjH5Gy8=
=g8E8
-----END PGP SIGNATURE-----

AthlonRob wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> NotDashEscaped: You need GnuPG to verify this message
>
> On Fri, 12 Dec 2003 16:59:34 -0800, Adams-Blake Company
> <atakeoutcanton@adams-blaketakeout.com> wrote:
>> I gotta tell ya. I was really freaked thinking I'd left a root login
>> "open" for three weeks while connected to the net. Isn't that a direct
>> invitation to be hacked to death?
>
> Leaving a terminal open with root logged in to it isn't, AFAIK, any more
> of a security threat from the outside than not having one open. It's
> running clients and things that might contain exploits that can give you
> problems.
>
> Once they got to the point they were able to take control of your root's
> login session, you're pretty much screwed already. :-)
>


You folks are the best. I really appreciate all the help.

Al

> "Pseudo Teletype # 1"
>
> OK, I know that doesn't make much sense, so an explanation is in order.

Excellant Story / Explaination.

Thank You,

Bob De Mars