Full Disclosure mailing list archives
Re: Re: Re: open telnet port
From: Dave Ewart <Dave.Ewart () cancer org uk>
Date: Thu, 9 Sep 2004 16:12:31 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday, 09.09.2004 at 10:47 -0400, Kenneth Ng wrote:
You really should not need this as the norm. I do this when I'm working on the ssh daemons, but thats about the only time. What I do is I enable it on a screwball port number, then use tcp wrappers to only allow access from my ip address and change the root password before I begin. In that way the opening is there while I may need it, and if I use the temporary root password, it won't do them much good unless they compromise the host I'm coming from. Afterwards I disable the service and change the root password back. If you need this on as the norm, please at least use TCP wrappers to limit from where it can be accessed, and change any used passwords immediately after reestablishing control.
Or, alternatively just use another SSH daemon or a different port and not have to faff around with exposing passwords in the first place :-) Dave. - -- Dave Ewart Dave.Ewart () cancer org uk Computing Manager, Epidemiology Unit, Oxford Cancer Research UK PGP: CC70 1883 BD92 E665 B840 118B 6E94 2CFD 694D E370 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFBQHLfbpQs/WlN43ARAuacAJoDuWWfOcfxc+eo20Xzs3gI1OZpWwCeLbZs NcGTEVhQy57dN/4yvuIN3R4= =5H6S -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Re: open telnet port, (continued)
- Re: Re: open telnet port list (Sep 08)
- Re: Re: open telnet port Dave Ewart (Sep 09)
- Re: Re: Re: open telnet port Kim B. Nielsen (Sep 09)
- Re: Re: Re: open telnet port Dave Ewart (Sep 09)
- Re: Re: Re: Re: open telnet port Dave Horsfall (Sep 09)
- Re: Re: Re: open telnet port list (Sep 09)
- Re: Re: Re: open telnet port Honza Vlach (Sep 09)
- Re: Re: Re: open telnet port Barrie Dempster (Sep 09)
- Re: Re: Re: open telnet port Kim B. Nielsen (Sep 09)
- Re: Re: Re: open telnet port Kenneth Ng (Sep 09)
- Re: Re: Re: open telnet port Dave Ewart (Sep 09)
- Re: Re: Re: open telnet port Andrew Haninger (Sep 09)
- Re: Re: Re: open telnet port ktabic (Sep 09)
- Re: Re: Re: open telnet port Barrie Dempster (Sep 09)
- Re: Re: Re: open telnet port Andrew Haninger (Sep 09)
- Re: Re: Re: open telnet port Gary E. Miller (Sep 09)
- Re: Re: Re: open telnet port Andrew Haninger (Sep 09)
- Re: Re: Re: open telnet port ktabic (Sep 09)
- Re: Re: Re: open telnet port Andrew Haninger (Sep 09)
- Re: Re: Re: open telnet port Valdis . Kletnieks (Sep 09)
- Re: Re: Re: open telnet port Paul W. Roach III (Sep 09)