If you are going to leave telnet open, why would a attacker even mess with SSH? I would have to agree with the other guys, having a person there at the remote site (I am sure you have someone) fix the issue. Or find another encrypted method. Even on a internal network, I would be against using it full-time. Unless you trust every person on your internal network? I mean security breakin don't come from the inside right? ;) lol
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dries Robberechts Sent: Thursday, September 09, 2004 8:05 AM To: [EMAIL PROTECTED] Subject: Re: [Full-Disclosure] Re: Re: open telnet port I disagree, when running telnetd, people will use it and hence create a security flaw. Moreover, you would use it yourself with the very intention of becoming root and starting a secure daemon, which in my opinion can do lot more harm than good. Even on a (virtual) private network I would try to avoid it whenever possible, but using it on a public network as a backup I wouldn't even consider. Dries. > A reasonable use for telnet is when the ssh deamon goes down, or isn't > started on bootup because of some configuration error... > > Yes, I know it isn't secure, but sometimes it can be the last resort... _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
