[CUWiN-Dev] Proposed Nodeconfig Change

Matthew Isaacs matt at cuwin.net
Tue Jun 19 17:00:16 CDT 2007


On Tue, 2007-06-19 at 17:35 -0400, Paul A. Kennedy wrote:
> On Jun 19, 2007, at 5:13 PM, Joshua King wrote:
> 
> > I think that this would be a good idea. There is nothing keeping us from
> > having the configuration on the testbed builds be different than the one
> > on the public sourceforge builds. As Matt said, those builds are
> > necessarily insecure, and the most important thing is to make them easy
> > to use so people can fiddle with them more easily. Plus, it would get
> > more much-needed usability testing for nodeconfig.
> 
> Exactly who are we targeting here?
> 
> Do we want people who don't know the basics of using ssh to be  
> responsible for making network security decisions?  Wouldn't we  
> prefer them to read the man page for ssh rather than consider network  
> topology and security?
> 
> I think not knowing how to use ssh is a fine barrier to entry.
> 
> Paul
> 
> --
> Paul A. Kennedy
> pakenned at pobox.com
> 
> 
> 
> _______________________________________________
> CU-Wireless-Dev mailing list
> CU-Wireless-Dev at lists.cuwireless.net
> http://lists.chambana.net/cgi-bin/listinfo/cu-wireless-dev

We're talking folks who simply download the public flash images or
ISOs, and boot them up, and don't bother doing their own build.
Without doing their own build, all the system passwords are the defaults
specified in the documentation.  As such, the system is insecure, and
someone wishing to wreak havoc with/on such a node would only need to
ssh using the default root password.  This presents a much more
interesting security hole for a potential hacker than a web gui that
only allows someone to configure a predetermined set of options.

I agree that this solution is not suitable in a production environment;
however, one would hope that no one is using the public images in such a
manner, due to the password and other security issues.

--
Matt


