Hi, On Sat, 25 Sep 2004, Rick Moen wrote:
> Quoting Richard A Nelson ([EMAIL PROTECTED]): > > > The point remains that while telnet/ftp should be treated as deprecated > > when feasible, sometimes there just aren't alternatives. > > My entire document (http://linuxmafia.com/ssh) is devoted to documenting > why that argument fails to hold water. ;-> (Reminds me: I should > mention, there, that MVS port.) > The question isn't if stop using telnet. The question is why Debian's telnetd is still vunerable. Sometimes when I make large changes on my servers (sometimes a bit far from me), I use telnetd (the ssl version, so password is a bit secure than plain telnet) as a backup. When sshd is changed, when I modified iptables around 22 etc. Yes, of course, I setup timeouts for those changes, but it isn't important (reboot is a bad solution). The important question is: "Is telnetd still supported in Debian?" Or is this security bug unreal? Best regards, Milan Jurik -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
