I agree. If you have a small internal user base to support telnet
functionality to your machine, then I would seriously
look into using OpenSSH and eliminate telnet. If they are telnet'ing from
other Unix type os'es, then SSH clients
should be available for them and there are telnet clients for Windows that
support SSH as well.
|---------+---------------------------->
| | Alan Cox |
| | <[EMAIL PROTECTED]|
| | u.org.uk> |
| | Sent by: Linux on|
| | 390 Port |
| | <[EMAIL PROTECTED]|
| | IST.EDU> |
| | |
| | |
| | 03/21/2003 10:12 |
| | Please respond to|
| | Linux on 390 Port|
| | |
|---------+---------------------------->
>----------------------------------------------------------------------------------------------------------------------------------------------|
|
|
| To: [EMAIL PROTECTED]
|
| cc:
|
| Subject: Re: What is the best way to limit Linux Telnet access to /localho
st o nly |
>----------------------------------------------------------------------------------------------------------------------------------------------|
On Thu, 2003-03-20 at 21:15, Kharnas, Simon wrote:
> Hello, Mark.
>
> I am trying to limit the telnet logon from the outside world. I thought
that
> DENY and ALLOW files can limit that access, so that the outside (i.e.
> Internet users) would not be able to logon to the server on a regular
basis.
> I still would like to allow the local users to access the host via
telnet.
I would recommend using firewall rules rather than DENY/ALLOW as they
are stronger protections. I'd recommend exterminating telnet entirely
but providing you have total trust in anyone on your local lans, no
wireless links and so on then its obviously easier to relax and not use
encryption.
