On Tuesday, November 8, "Shawn K. Quinn" wrote:
> 
> Telnet is a horribly insecure protocol subject to at least two attacks
> by third parties with access to any part of the network between the two
> hosts. Thus, telnetd is gone for a damn good reason, that being that
> it's a turd that has no place in a "secure by default" OS.

nc(1) is an option...

> If you absolutely must have telnetd, I guess you can compile it from the
> source in 3.7, but please, you should be fully aware that this opens up
> security holes big enough that a tank can be driven through without the
> appropriate countermeasures; at a minimum, you should use one-time
> passwords (S/Key) to make password sniffing useless, and only allow
> telnet connections from networks where you know for sure nobody with
> root access will try to hijack or eavesdrop on connections (such as a
> LAN where either you are the sole admin or you know and trust the other
> admins).

Or tunnel it... oh, say through ssh?  :) :) :)

--Toby.
