[ale] cygwin security concerns under Windows?
Adrin
adrin at bellsouth.net
Sat Aug 9 12:14:13 EDT 2008
I would try out cygwin.
Windows still has the task scheduler, You can setup what ever
script/program you want to run with that. If you try to use RPC from a
remote machine you will have random issues. RPC gets turned off,
remember blaster(?) of course not you probably where not using windows
then. I have seen RPC and Windows firewall rules get changed even in
domains with rules set to allow. then you have that windows user that
figures out he can run "stuff" remotely on other workstations and
servers.
I have used cygwin and sshd for years on my home machine for years. Long
since forgotten how I set it up. Of course it is not open to the WAN
and only one user is allowed to log in. You can even do port forward to
RDP this way. Plus you get all the "COOL" LINUX commands. Only problem
I have ever had was AVG like to flag have of the cygwin install as bad
stuff and remove it.
Adrin
P.S. If you have the money to burn there is always ScriptLogic.
On Fri, 2008-08-08 at 08:36 -0400, Jeff Lightner wrote:
> Sorry Chris.
>
> Didn't mean to suggest the replies regarding net weren't helpful.
>
> My comment about the security was in frustration at my coworker's
> intransigence on the cygwin/sshd idea. For that we wouldn't need expect
> because we could establish a trust relationship.
>
> Also as I noted for the net idea you wouldn't need expect either because
> it allows you to pass the password via command line. However, that in
> fact is slightly less secure because the password would be stored in
> clear text on the initiating host. Since we'd presumably be doing the
> cron job as root not a major issue so long as we insure the script isn't
> readable by anyone other than root.
>
> -----Original Message-----
> From: Chris Fowler [mailto:cfowler at outpostsentinel.com]
> Sent: Thursday, August 07, 2008 5:42 PM
> To: ale at ale.org
> Cc: Jeff Lightner
> Subject: Re: [ale] cygwin security concerns under Windows?
>
> Jeff Lightner wrote:
> >
> > Of course I still didn't see anything suggesting this was more secure
> > than running sshd on Cygwin.
> >
> I agree.
>
> If it was me, I would use sshd on cygwin. Use Expect to automate all
> your commands and remedies.
>
More information about the Ale
mailing list