How many...


 
# 1  
Old 08-14-2001

How many of these folks posting on here (newbies - trying to get their first Unix-like box online) do you think have taken the time to learn the ins-and-outs of tcp_wrappers, or inetd, or even simple init-scripts? Maybe I'm overreacting here, but since I've spent my time on "the other side of the wall" with security, that really concerns me.

I think new readers should check out this simple wake-up call, and at least learn how to turn off all services - turn them on again when you know what to do with them.
http://machineofthemonth.org/articles/a71/index.html
A poster recently touched upon the honeynet project - remote root access within 15 minutes on a default Redhat install (sure, it was 6.2, but 7.x isn't all that different).

How can we get word out about this without sounding like preachers? I would just hate to see someone's great new Unix experience muddled with the bitter taste of a cracking attack.

Any ideas?

-LivinFree
# 2  
Old 08-20-2001
It is really based on risk. Folks who are not protecting sensitive data, financial transactions, etc. may not have a high enough risk criteria to spend lots of time on security.

The process is one of risk assessment, risk management.

Refer to this paper for more details on the process of risk management:

http://www.silkroad.com/papers/pdf/m..._paper_430.pdf
