Quote:

looks like that's the problem, I changed my fast link button from the IP to the hostname and it's coming up properly now, ty.

Quote:

erm... scroll down a bit and you'll see a 'quote' button below the options, to the left of the Preview button

UNIX. VMS. MVS.

All highly advanced operating systems of the time. Again, for a shop-OS it was advanced, but in the real world of "all OSes" it wasn't.

Plus I am talking about the OS, not the "hardware" of the Amiga.

Then that is before we mention the Sinclair QL.

Quote:

You are kidding right?

The alternative was a peecee running with 4 colours, sixteen if you were lucky and a rasping beep sound. The operating system was MSDOS 2 or 3 and you could run Digital Research GEM if you were a masochist.

I agree with the Sister that Workbench 1.x was out of this world when it appeared in the shops running on an A1000.

The whole package was more futuristic than the science fiction films of the time. I remember configuring 'Say' to sound like HAL from the movie 2001. I used to try and get it to say;
"I'm afraid I cannot do that, Dave".
I used to invite friends round and say to my Amiga, "Open the pod bay door HAL".
Later, I would program all the phrases spoken by HAL into my Amiga. "Just a moment!, just a moment!, "I'm losing my mind Dave", "I can feel it".

Al in all, I really do believe that for productivity, you just can't beat WB2.05. I am yet to see something out there that can compete with this sublime Operating System.

If Retrogeek can find me a decent A2000 then I might try 3.1 - he advises that the A2000 is the best machine to run this on - but deep down I believe that I will probably go back to 2.05.

In this case, I will probably return to my A600 because it is a very convenient size and I never use the keypad.

There is a step by step guide to using samba on the internet for the Amiga. Written by the same Mikey_C. It would help the clueless get it online.

It is possible to set up an insecure samba configuration - especially if you are desperately trying to hack things about.

As there are daemons available on os4depot, people will install them, use them and some will forget they have them live. WindowsXP home is a desktop OS, so was Windows 98, and 95, and ME. All of them are incredibly easy to screw up what little security they have by default and install daemons.

All these words of advice that have been put on this thread need to be put into a faq, or a wiki or something.

I hope amigans.net will provide a wiki facility. If you don't know what danger you are putting yourself in by installing a bit of software, you will end up putting yourself at risk at some point.

That is why spyware scanners also pick up keystroke loggers, the odd trojan and other foolish error. That is why nessus doesn't just test ports that are open, it looks for badly configured software running on them. If we don't ever contribute plugins ( for example ) it never will be able to. If we don't think about it sooner, the task will become mammoth the more software is written and used on our Amigas whatever its internal architecture.

Quote:

Even if you had one it would not do you any good, it will not run on a classic, A1's use UBOOT and SLB to load in the kickstart modules, You don't have either, the classic OS is started in a different way and needs different files, so forget it and wait for an official release.

I'd like to buy a new game for my CD32. What I currently have are Pinball Fantasies and Sleepwalker (which came with the system), Defender of the Crown II, Lemmings, Microcosm, Sim City, Labyrinth, Liberation, The Chaos Engine, Guy Spy, and The Hound of the Baskervilles. Any ideas for another good game?

Ok, I got your point.
But you should separate some things. AmigaOS4 is a desktop OS. Not a server operating system. For HTTP/etc server I would use Linux or BSD. So daemons should be out of our picture.
You can use them for testing or hobby but not for serious server install. That's a different story and that need multiuser support in lower level.
As a webclient I'd say OS4 is secure. If you are using telnet it's the same as on any other system. It's vulnerable for snooping.
You should be careful with Samba only but if you have knowledge to install and maintain it, you should know what you are doing.

But we are consumers! When it was released, AmigaOS was the best of all consumer operating systems.
My sister used to own an Atari ST at that time. We always argued about what the better computer was.
As I remember, the Atari did not have any multitasking capabilities at that time. And the operating system looked very ugly and had neon green colours!
I preferred my Amiga with a blue Workbench 1.3.

Thanks for the link, Raziel.

It may have been said, but it isn't true unless the only OSes you were aware of at the time were consumer oriented ones.

For a start all the OS functions are designed for that OS so it isn't a matter of injecting a "binary". If you can call shell commands ( just for example ) you can screw up the system.

Hypothetical scenario:

Web server on Amiga is installed by user and puts it online. This web server runs executables ( CGI ) from the path.

Attacker goes http://my-amiga.online.com/cgi/del%20SYS:%20ALL

Kiss goodbye to sys:

Not saying this will happen with any web servers out there, but just assuming someone was cretinous to write a web server that ran cgi scripts from a path environment variable. It would.

But the point is worse than that. The point is that the person who wrote the web server had to compensate for the lack of group/user permissions protecting the filesystem ( and the processes ). OK?

A common attack of a year ago was to use a bit of portal server code which ran a series of commands like curl, wget etc available in the path to download whatever the hacker wanted to the system. OK? So the point was, the hacker didn't need to care what the architecture of the system was - just the existence of a shell was sufficient - and poorly configured security permissions.

Now take the Amiga. No security permissions whatsoever.

Now do you see my point? "I should be ok" sure. "you are ok so long as you don't open a port" sure. But what if someone does? Do they have to be the sucker for everyone else to exploit or do we provide some words of advice - or at best - contributions to the nessus plugin database to help people scan for flaws.

The amiga has got to be one of the most automatable systems out there besides UNIX, AREXX not only runs scripts but it can address message ports. If it can address message ports there isn't a lot it can't do, including bugger up devices.

So again, once in, a hacker could cause havoc. How they get in, whether trojan or via a daemon on an open port.

Stuff it, why bother? Why ever have virus checkers or scanners, no one will hurt us! No one will mug me as I walk down this dark alleyway after all I am no threat to anyone.....

The clueless use computers too you know.

Quote:

Yes of course.

No, to be honest I didn't check the battery!

Quote:

The card was brand new so I didn't check the battery - I will do this over the weekend.
My kickstart and OS is 2.05

How could you execute the code brought in by the security holes ?
How do you stop a "daemon" on AmigaOS?
Code: Amiga OS 3.1(m68), Amiga OS 4(PPC), MorphOS(PPC), AROS(x86),
not every Amiga uses the same OS mostly even not the same CPU.

Best Luck to try it, there are many many security holes in the old ports, but i do not know a way to use them for anything dangerous.

The Trojan horse would not find the way out of the computer

The last virus on my Amiga was on the bootblock of a floppy disk, no floppy disks no virus.
There where some in old archives on the internet, but nothing that could spread.

I'd never heard that before ( aliens ) and it wasn't particularly advanced - advanced for the price point perhaps, advanced as a package.

The ftp is still up, though

BTTR ftp

> In any incarnation is AmigaOS secure enough to risk connecting to the internet with your private data on the system?

If you even have to ask this question, then it's secure.

> Every other OS out there has holes and flaws and I was wondering ( in the light of a lot of people investigating the retro classic market ) if it is worth building a list of what you should and should not do with an Amiga online?

Most other operating systems provide something to the outside world which is deemed a "service", that is, it has got something to offer. If for an outsider there is no point in using your computer, then there's no lever to abuse it either.

> Is the advice always: Use a hardware firewall.

This is generally a good idea, but in the case of an Amiga, not really needed. And it has not even something to do with obscurity, just with the absence of services. So ask yourself what services your Amiga offers to the network. If the answer is "nothing" (which is likely), then there's nothing to worry about.

I believe I read somewhere on the world wide web that it had closed down for good and that none of the material was available.

What I am looking for is a similar site but concentrating on productivity software.

Quote:

First virus a virus checker found on my A1200 was a trojan horse, it was even called "trojan" something. That was before it was ever put on the internet. What is it they say about the stock exchange? Past performance is no indication of future performance.

This applies in spades to security.


Quote:

Daemon is a concept as well as an implementation method on UNIX. Apache is a daemon. SMB is a daemon.

Amtelnet is a SSH client, SSHv1, and I won't use it because of that ( insecure ).

Anyhow I feel I'm going round in circles and banging my head on a brick wall - at the very least I think some people aren't reading thoroughly before they reply.

Quote:

I agree wholeheartedly.

I connect to the Internet and the World Wide Web using my A600 via pcmcia ethernet to my netgear ADSL firewall router.

Even with this high level of security I still need to be on constant alert for fishing sites and freakers.