Bruno Negr�o wrote: > > So, since I know all machines and users in my lan, I can calmly give telnets > to the root user (considering the client and server are here, in my lan).
Depends upon what you mean when you say "since I know all machines". If any one machine gets compromised, traffic from all the other machines can be compromised whether or not the network is switched. You can decrease risk significantly by using SSH instead of telnet and by not allowing direct logins by root. -- Gary Flynn Security Engineer - Technical Services James Madison University Please R.U.N.S.A.F.E. http://www.jmu.edu/computing/runsafe _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
