mooxe
06-12-2005, 03:45
If anyone knows Linux they know now to use the administrators account for anything but administrating. This basic rule has been preached to me on each and every *nix course I'v attended.
I find that alot of people just use thier admin account to login, it is possible that your password will get sniffed. Theres a multitude of sniffer programs out there. TS sends your password in the clear to the TS server and if its sent via the common port 8767 then they know what port to listen on. A layered defence is best.
- Turn off all SA granting and revoking rights
- 8+ Character password that includeds numbers/capitals and other non-letter characters. Do not use words, dates or anything meaningful.
- Virus Scanner
- Popup Blocker
- Anti Spyware util
- Firewall and finally...
- only use your admin account for administrating your server!
Follow those rules and your server wont ever be compromised.
I find that alot of people just use thier admin account to login, it is possible that your password will get sniffed. Theres a multitude of sniffer programs out there. TS sends your password in the clear to the TS server and if its sent via the common port 8767 then they know what port to listen on. A layered defence is best.
- Turn off all SA granting and revoking rights
- 8+ Character password that includeds numbers/capitals and other non-letter characters. Do not use words, dates or anything meaningful.
- Virus Scanner
- Popup Blocker
- Anti Spyware util
- Firewall and finally...
- only use your admin account for administrating your server!
Follow those rules and your server wont ever be compromised.