Regarding root access to telnet
Gavin McDonald
gavitron at gmail.com
Wed Feb 22 18:26:03 UTC 2006
agreed,
For proof, just run a sniffer on the network segment as you login as root,
you will see, in plaintext, your root password. (and any smtp passwords
from mail clients, but that's a different problem... ;)
Regards,
Gavin McDonald
========================
EVI Logistic Enterprises
email: me at gavitron.com
phone: (604) 313-3845
> -----Original Message-----
> From: redhat-list-bounces at redhat.com [mailto:redhat-list-
> bounces at redhat.com] On Behalf Of Tobias Speckbacher
> Sent: Wednesday, February 22, 2006 10:22 AM
> To: General Red Hat Linux discussion list
> Subject: RE: Regarding root access to telnet
>
> > -----Original Message-----
> > From: redhat-list-bounces at redhat.com [mailto:redhat-list-
> > bounces at redhat.com] On Behalf Of A.Fadyushin at it-centre.ru
> > Sent: Wednesday, February 22, 2006 8:27 AM
> > To: redhat-list at redhat.com
> > Subject: RE: Regarding root access to telnet
> >
> > I strongly recommend you to limit access to telnet port of your server
> > using appropriate firewall/xinetd configuration so the telnet sessions
> > would be allowed only from specified list of IP addresses before
> > allowing root (or any other user) to use telnet for logging into the
> > server.
>
> This certainly is good advice. I even make this standard practice for
> ssh services.
>
> However, it is not that telnet as a service is inherently insecure,
> however, the protocol is. (software vs. network, I am sure someone is
> going to take this out of context)
>
> The main concern regarding telnet is the transmission of data in clear
> text.
> This means anyone in between you and the server can intercept/alter
> session data, making it trivial to sniff passwords or perform other
> malicious activities with your session.
>
> As it is using anything less than ssh in my opinion is a severe
> violation/disregard of best practices.
>
>
> -T
>
> >
> > Alexey Fadyushin
> > Brainbench MVP for Linux
> > http://www.brainbench.com
> >
> > > -----Original Message-----
> > > From: redhat-list-bounces at redhat.com [mailto:redhat-list-
> > > bounces at redhat.com] On Behalf Of jerome dsilva
> > > Sent: Wednesday, February 22, 2006 7:49 AM
> > > To: General Red Hat Linux discussion list
> > > Subject: RE: Regarding root access to telnet
> > >
> > > Move the /etc/security file and you will be able to
> > > login as root using telnet..
> > > But this is not a good practice at all.
> > >
> > > Jerome
> > >
> > > --- ssevengor at tai.com.tr wrote:
> > >
> > > > Why root login using telnet, use ssh?
> > > > This is very insecure and it is recommend disabling
> > > > telnet.
> > > > Serdar
> > > >
> > > > -----Original Message-----
> > > > From: redhat-list-bounces at redhat.com
> > > > [mailto:redhat-list-bounces at redhat.com] On Behalf Of
> > > > Krishnaprasad
> > > > Sent: Thursday, February 16, 2006 2:52 PM
> > > > To: General Red Hat Linux discussion list
> > > > Subject: Regarding root access to telnet
> > > >
> > > > hi all
> > > >
> > > > how can I enable root access to a machine through
> > > > telnet.
> > > >
> > > > Thanks
> > > > krishna
> > > >
> > > > --
> > > > redhat-list mailing list
> > > > unsubscribe
> > > >
> > > mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > > > https://www.redhat.com/mailman/listinfo/redhat-list
> > > >
> > > > --
> > > > redhat-list mailing list
> > > > unsubscribe
> > > >
> > > mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > > > https://www.redhat.com/mailman/listinfo/redhat-list
> > > >
> > >
> > >
> > > __________________________________________________
> > > Do You Yahoo!?
> > > Tired of spam? Yahoo! Mail has the best spam protection around
> > > http://mail.yahoo.com
> > >
> > > --
> > > redhat-list mailing list
> > > unsubscribe
> mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > > https://www.redhat.com/mailman/listinfo/redhat-list
> >
> > --
> > redhat-list mailing list
> > unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > https://www.redhat.com/mailman/listinfo/redhat-list
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
More information about the redhat-list
mailing list