LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
Reload this Page ddclient - security issue?
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 08-07-2006, 11:27 AM   #1
Foomajick
LQ Newbie
 
Registered: Jan 2006
Location: Dublin
Distribution: Mandriva 2006 (desktop), Debian (server)
Posts: 16

Rep: Reputation: 0
ddclient - security issue?

Anyone else bothered by the fact that ddclient.conf contains an unecrypted username and password? Chmoding to 600 only makes me a little less nervous.

Of course if someone gets permission to read ddclient.conf (root permission), then I guess being able to change my zone files would only be a small concern, but what about the http requests when ddclient updates my zone file? Does anyone know if it's a security issue, and if so, how can it be encrypted?

Thanks!

P.S. I'm run Debian Sarge on an old laptop (Compaq Armada 7800) as a home server experiment, with a dynamic IP address. And it's working beautifully, almost for free! Why pay?!
Last edited by Foomajick; 08-07-2006 at 11:45 AM.
 
Old 08-08-2006, 08:42 PM   #2
gilead
Senior Member
 
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,141

Rep: Reputation: 168Reputation: 168
According to http://www.dyndns.com/support/kb/arc..._services.html, ddclient used http up until version 3.7.0. From version 3.7.0 you can add ssl=yes to your conf file and use https.
 
Old 08-11-2006, 05:11 PM   #3
Foomajick
LQ Newbie
 
Registered: Jan 2006
Location: Dublin
Distribution: Mandriva 2006 (desktop), Debian (server)
Posts: 16

Original Poster
Rep: Reputation: 0
Thanks gilead, I hadn't come across that. I'm looking into that.
 
Old 08-11-2006, 08:06 PM   #4
gilead
Senior Member
 
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,141

Rep: Reputation: 168Reputation: 168
I installed it a few days ago to try it on a box here. The SSL setting works fine, packet sniffing with ethereal just captured gibberish.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
bzip2 1.0.2 Security Issue win32sux Slackware 2 06-13-2005 06:49 PM
Apache security issue ivanatora Linux - General 4 04-18-2005 05:46 AM
webmin issue, poss security issue bejiita Slackware 3 11-03-2004 06:07 AM
Security issue in Slackware 9.1 odin123 Slackware 6 11-03-2003 08:44 AM
Security issue.. marcoc Linux - Newbie 8 05-01-2002 06:14 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 03:26 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration