On Sat, 23 Jun 2001, Federico Sevilla III wrote:
> Why remove telnet altogether? Because if you just disable it, it will use
> space on your hard drive is one. Why disable it, then? Because it is
> unencrypted and it is so easy (and common) for people to sniff around,
> waiting for precious information to come by them (ie: your password or
> some other [l]user's).
I won't deal with the points Jijo raised regarding root logins. My belief
is that no one who understands the difference between the superuser and a
normal user would knowingly login as root unless absolutely necessary.
These case occurs rarely, and usually happens non-remote. Reasons why one
would _have_ to login immediately as superuser evades my feeble mind.
However, I would be quick to point out that removing telnet altogether is
not the only solution. Maybe removing plain vanilla telnetd would suffice,
but the telnet client itself is an important and handy tool to use in a
variety of circumstances. The telnet service on the other hand can also be
hardened to provide encrypted sessions. telnet-ssl and telnetd-ssl provide
the client and server implementations of this useful tool and service with
encryption mechanisms that are similar to ssh. If ssh is a secure
replacement for rsh (remote shell, not restricted shell), telnet-ssl is a
replacement for telnet. Superficially they do the same thing. On closer
inspection, they are not the same tool. One provides things the other
cannot. If the differences aren't obvious to you, then you probably don't
need to choose one over the other. For some of us though, ssh doesn't fit
all our needs. :)
I may be wrong, and I might just not know how to do this with ssh, but I
don't see any way I can use ssh to perform:
telnet -z ssl www.netscape.com https
GET / HTTP/1.0
Anyone who can point out how to do this with ssh is most welcome to
correct me.
I use telnet a lot in diagnosing problems with services. Removing telnet
altogether is not recommended. Removing the telnet service, perhaps.
___ eric pareja ([EMAIL PROTECTED]) ~-=[O]=-~ Here, have a clue. Get the picture.
\@/ PGP key at http://gra.ph/~xenos/xenos.pgp <|PLUG|> http://gra.ph
v "Even the smallest person can change the course of the future."
- Lady Galadriel in J.R.R. Tolkien's "The Lord of the Rings"
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
