[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: Regarding root access to telnet



> -----Original Message-----
> From: redhat-list-bounces redhat com [mailto:redhat-list-
> bounces redhat com] On Behalf Of A Fadyushin it-centre ru
> Sent: Wednesday, February 22, 2006 8:27 AM
> To: redhat-list redhat com
> Subject: RE: Regarding root access to telnet
> 
> I strongly recommend you to limit access to telnet port of your server
> using appropriate firewall/xinetd configuration so the telnet sessions
> would be allowed only from specified list of IP addresses before
> allowing root (or any other user) to use telnet for logging into the
> server.

This certainly is good advice.  I even make this standard practice for
ssh services.

However, it is not that telnet as a service is inherently insecure,
however, the protocol is. (software vs. network, I am sure someone is
going to take this out of context)

The main concern regarding telnet is the transmission of data in clear
text.
This means anyone in between you and the server can intercept/alter
session data, making it trivial to sniff passwords or perform other
malicious activities with your session.

As it is using anything less than ssh in my opinion is a severe
violation/disregard of best practices.


-T 

> 
> Alexey Fadyushin
> Brainbench MVP for Linux
> http://www.brainbench.com
> 
> > -----Original Message-----
> > From: redhat-list-bounces redhat com [mailto:redhat-list-
> > bounces redhat com] On Behalf Of jerome dsilva
> > Sent: Wednesday, February 22, 2006 7:49 AM
> > To: General Red Hat Linux discussion list
> > Subject: RE: Regarding root access to telnet
> >
> > Move the /etc/security file and you will be able to
> > login as root using telnet..
> > But this is not a good practice at all.
> >
> > Jerome
> >
> > --- ssevengor tai com tr wrote:
> >
> > > Why root login using telnet, use ssh?
> > > This is very insecure and it is recommend disabling
> > > telnet.
> > > Serdar
> > >
> > > -----Original Message-----
> > > From: redhat-list-bounces redhat com
> > > [mailto:redhat-list-bounces redhat com] On Behalf Of
> > > Krishnaprasad
> > > Sent: Thursday, February 16, 2006 2:52 PM
> > > To: General Red Hat Linux discussion list
> > > Subject: Regarding root access to telnet
> > >
> > > hi all
> > >
> > > how can I enable root access to a machine through
> > > telnet.
> > >
> > > Thanks
> > > krishna
> > >
> > > --
> > > redhat-list mailing list
> > > unsubscribe
> > >
> > mailto:redhat-list-request redhat com?subject=unsubscribe
> > > https://www.redhat.com/mailman/listinfo/redhat-list
> > >
> > > --
> > > redhat-list mailing list
> > > unsubscribe
> > >
> > mailto:redhat-list-request redhat com?subject=unsubscribe
> > > https://www.redhat.com/mailman/listinfo/redhat-list
> > >
> >
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Tired of spam?  Yahoo! Mail has the best spam protection around
> > http://mail.yahoo.com
> >
> > --
> > redhat-list mailing list
> > unsubscribe
mailto:redhat-list-request redhat com?subject=unsubscribe
> > https://www.redhat.com/mailman/listinfo/redhat-list
> 
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request redhat com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]