Insecure services found #205

Open
fshmcallister opened this issue Dec 23, 2019 · 11 comments

@fshmcallister
Contributor

We found insecure services installed on {devices}. Because these services are considered insecure, it is recommended that you uninstall them. Run sudo apt-get purge {services} to disable all insecure services.

part of #198

@fshmcallister
Contributor Author

TITLE
Insecure services found

Uninstall services

TL;DR
Insecure services [SERVICE(S)] found on [DEVICE(S)]. These services may either be outdated or inherently insecure due to lack of encryption of information like usernames and passwords, or the use of insecure protocols. Using these services over the internet greatly increases your risk of being intercepted by 'man-in-the-middle' attacks. Remove and uninstall these by running sudo apt-get purge [SERVICE(S)].

FAQ
Services are simply a collection of background processes, or daemons. As such, they run in the background of your system and you are unlikely to be aware of them until you need them. Examples of Linux services include Apache or MySQL. Whilst not inherently insecure, some services may use insecure protocols and this can compromise your system.

Some services though are insecure by nature. Older services like Telnet and FTP are highly vulnerable and should not be used for secure applications. Additionally, some services are not designed for use across the internet but rather over local networks. Security focused distributions of Linux such as Red Hat have these services disabled by default.

We recommend for your security to either uninstall these services or disable them.

@fshmcallister
Contributor Author

I don't like the FAQ portion for this

@vpetersson
Collaborator

Agreed @fshmcallister - it doesn't read that well.

@fshmcallister
Contributor Author

FAQ
Services are simply a collection of background processes, or daemons. For example, WoTT's agent runs as a service on your node. A service is not necessarily inherently insecure, although some older services may use outdated protocols and this can compromise your system.

Services like Telnet, RSH, and FTP are still readily available, however they are outdated and vulnerable and should not be used for any secure applications. We recommend for your security to either uninstall these services or disable them and use more secure alternatives such as SSH instead.

@fshmcallister
Contributor Author

better?

@vpetersson
Collaborator

I guess what stands out to me is the word service. I know it was in the initial wording.

Let me try something:

There are generations of services. Many older services, like Telnet, RSH, and FTP are still readily available in most Linux distribution. However it is generally considered bad practice to use these nowadays as they are often unencrypted in transit, meaning that sensitive data, such as passwords can be intercepted in transit. Moreover, older and insecure services may expose your system to attacks. We recommend for your security to either uninstall these services or disable them and use more secure alternatives that provide better security.

@fshmcallister
Contributor Author

Yeah I think I see what you mean. Do you think it's not necessary then to describe what a service is? I've tweaked it a bit more for grammar.

There are multiple generations of services. Many older services, like Telnet, RSH, and FTP are still readily available in most Linux distributions. However, it is generally considered bad practice to use these nowadays as they are often unencrypted in transit, meaning that sensitive data, such as passwords, can be intercepted in transit. Moreover, older and insecure services may expose your system to attacks. We recommend for your security to either uninstall these services or disable them and use more secure alternatives that provide better security.

@vpetersson
Collaborator

That's better. Thanks @fshmcallister.

@fshmcallister
Contributor Author

fshmcallister commented Jan 27, 2020

TITLE
Insecure service detected (${SERVICE})

TL;DR
We have detected ${SERVICE} installed. This service may either be outdated or inherently insecure.
It is recommended that you uninstall this service as soon as possible.

FAQ

There are multiple generations of services. Many older services, like Telnet, RSH, and FTP are still readily available in most Linux distributions. However, it is generally considered bad practice to use these nowadays as they are often unencrypted in transit, meaning that sensitive data, such as passwords and content can be intercepted in transit. Moreover, older and insecure services may expose your system to attacks. We recommend for your security to either uninstall these services or disable them and use more secure alternatives that provide better security.

Code Block

To uninstall the insecure service, run:

```
$ sudo apt-get purge ${SERVICE}
```
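
An added example, not part of the comment above or of the project's code: a check that produces one `apt-get purge` recommendation per detected service from `dpkg-query` status output, including packages left in the `rc` state (removed, configuration still on disk), which is the case `purge` cleans up and `remove` does not. The watch list, the function names and the sample input are assumptions made for this illustration.

```shell
#!/bin/sh
# Constructed sample of: dpkg-query -W -f='${Package}\t${db:Status-Abbrev}\n'
SAMPLE_DPKG=$(printf 'openssh-server\tii \ntelnetd\tii \nvsftpd\trc \nrsh-server\tun \ncurl\tii ')

# Assumed watch list (common Debian/Ubuntu package names), not the project's own list.
INSECURE_PKGS="telnetd inetutils-telnetd rsh-server vsftpd pure-ftpd"

# Read "<package>\t<status>" lines on stdin; print "<package> <state>" for
# watch-listed packages that are installed (ii) or removed with config left (rc).
find_insecure() {
  awk -F'\t' -v list="$INSECURE_PKGS" '
    BEGIN { n = split(list, a, " "); for (i = 1; i <= n; i++) watch[a[i]] = 1 }
    ($1 in watch) {
      st = substr($2, 1, 2)
      if (st == "ii") print $1, "installed"
      else if (st == "rc") print $1, "config-only"
    }'
}

# Render one recommended action per finding, following the per-service template.
render_actions() {
  while read -r pkg state; do
    [ -n "$pkg" ] || continue
    printf 'Insecure service detected (%s) [%s]: sudo apt-get purge %s\n' "$pkg" "$state" "$pkg"
  done
}

if [ "${1:-}" = "--live" ]; then
  # Query the local package database instead of the constructed sample.
  dpkg-query -W -f='${Package}\t${db:Status-Abbrev}\n' | find_insecure | render_actions
else
  printf '%s\n' "$SAMPLE_DPKG" | find_insecure | render_actions
fi
```

Run with `--live` on a Debian or Ubuntu host to check the real package database; without arguments it processes only the constructed sample.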

@a-martynovich
Contributor

@vpetersson We refactored this RA to be one per service. Now we're back at one RA for all services again?

@vpetersson
Collaborator

> @vpetersson We refactored this RA to be one per service. Now we're back at one RA for all services again?

Well, the documentation was based on the data dump I received. We shouldn't revert this back. Rather we should use the new model with one per service.
