| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: barrie at qnrl.com (Barrie Dempster) Subject: Re: Re: open telnet port So you'd leave telnet on just incase ssh broke? Can we say "unnecessary service"? Leaving an extra avenue of attack because you might break your SSH is a bad bad bad bad idea. Next you'll be telling us you have a backup user called "test" with password "test" and uid 0, just incase you forget your root pass. Last resort wouldn't be running an unnecessary, unencrypted login service, It would be going local. On Thu, 2004-09-09 at 12:17, Kim B. Nielsen wrote: > A reasonable use for telnet is when the ssh deamon goes down, or isn't > started on bootup because of some configuration error... > > Yes, I know it isn't secure, but sometimes it can be the last resort... > > /kbn > > Dave Ewart wrote: > > >-----BEGIN PGP SIGNED MESSAGE----- > >Hash: SHA1 > > > >On Thursday, 09.09.2004 at 08:13 +0200, list@...og.org wrote: > > > > > > > >>Steve Kudlak wrote: > >> > >> > >>>I'll ask my friend what he does as the "just don't do x" or just get > >>>rid of x never seems like a good idea. If you try to connect with > >>>telnet rather than ssh to that box it just doesn't go through. > >>> > >>> > >>getting rid of telnetd is almost always a very good idea. > >> > >> > > > >Quite so, as I suggested. > > > >Are there even any legitimate uses for running a telnet daemon any more? > >(That is a genuine question - as far as I can see, SSH is always a > >perfect replacement). > > > >Dave. > >- -- > >Dave Ewart > >Dave.Ewart@...cer.org.uk > >Computing Manager, Epidemiology Unit, Oxford > >Cancer Research UK > >PGP: CC70 1883 BD92 E665 B840 118B 6E94 2CFD 694D E370 > > > >-----BEGIN PGP SIGNATURE----- > >Version: GnuPG v1.2.4 (GNU/Linux) > > > >iD8DBQFBQBL8bpQs/WlN43ARAr0TAJ9N340MHUdsbQV3iiW2rD4sXWNjEwCg4/wm > >yh0Fe7/G58Dgu+pKoSJAtGM= > >=hCDd > >-----END PGP SIGNATURE----- > > > >_______________________________________________ > >Full-Disclosure - We believe in it. > >Charter: http://lists.netsys.com/full-disclosure-charter.html > > > > -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040909/ba1ee1cc/attachment.bin
Powered by blists - more mailing lists