| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Pine.LNX.4.61.0409102336260.16221@catbert.rellim.com> From: gem at rellim.com (Gary E. Miller) Subject: Re: Re: Re: open telnet port -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Yo Andrew! On Fri, 10 Sep 2004, Andrew Farmer wrote: > Still don't know why you'd use these instead of ssh/sftp, though. As noted here earlier, if you update OpenSSL you stand a good chance of dropping ALL your ssh conections until you install a matching ssh update. Most sshd will not start if the openssl libs on the disk are not the same exact version it was compiled with. When I am updateing hosts hundreds or thousands of miles away in an unattended facility I can not take chances on a fatal mistake during an update. A backdoor telnet has saved my butt many times. Also seen cases where a trojaned sshd was installed on the target machine, but it would not run due to configuration issues. Having a backdoor telnet means the system is back up in 5 minutes of remote twiddling instead of dispatching someone to a remote co-lo. Gotta keep the single points of failure to a minimum. RGDS GARY - --------------------------------------------------------------------------- Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701 gem@...lim.com Tel:+1(541)382-8588 Fax: +1(541)382-8676 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFBQp5/8KZibdeR3qURAsJkAJ9GkiouGrOaOZGdVV3IWZGHWZwisQCfYWKw Y2AkZ5AhztSUzO5D8j4cUAM= =OrJe -----END PGP SIGNATURE-----
Powered by blists - more mailing lists