Full Disclosure mailing list archives
RE: Re: Re: open telnet port
From: "Todd Towles" <toddtowles () brookshires com>
Date: Thu, 9 Sep 2004 09:38:16 -0500
If you are going to leave telnet open, why would a attacker even mess with SSH? I would have to agree with the other guys, having a person there at the remote site (I am sure you have someone) fix the issue. Or find another encrypted method. Even on a internal network, I would be against using it full-time. Unless you trust every person on your internal network? I mean security breakin don't come from the inside right? ;) lol -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Dries Robberechts Sent: Thursday, September 09, 2004 8:05 AM To: full-disclosure () lists netsys com Subject: Re: [Full-disclosure] Re: Re: open telnet port I disagree, when running telnetd, people will use it and hence create a security flaw. Moreover, you would use it yourself with the very intention of becoming root and starting a secure daemon, which in my opinion can do lot more harm than good. Even on a (virtual) private network I would try to avoid it whenever possible, but using it on a public network as a backup I wouldn't even consider. Dries.
A reasonable use for telnet is when the ssh deamon goes down, or isn't
started on bootup because of some configuration error... Yes, I know it isn't secure, but sometimes it can be the last
resort... _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Re: Re: open telnet port, (continued)
- Re: Re: Re: open telnet port Raj Mathur (Sep 09)
- Re: Re: Re: open telnet port Barry Fitzgerald (Sep 10)
- Re: Re: open telnet port A.J. (Sep 09)
- Re: open telnet port harry (Sep 07)
- Re: open telnet port cel0x (Sep 07)
- Re: open telnet port A.J. (Sep 07)
- Re: open telnet port David Huecking (Sep 07)
- Re: open telnet port Kenneth Ng (Sep 07)
- Re: open telnet port Riccardo Pizzi (Sep 07)
- Re: Re: Re: open telnet port Dries Robberechts (Sep 09)
- RE: Re: Re: open telnet port Todd Towles (Sep 09)
- RE: Re: open telnet port Yaakov Yehudi (Sep 09)
- RE: Re: Re: open telnet port Todd Towles (Sep 09)
- RE: Re: Re: open telnet port Robert Moss (Sep 10)