Regarding root access to telnet

Tobias Speckbacher TSpeckbacher at quova.com
Wed Feb 22 18:21:42 UTC 2006


> -----Original Message-----
> From: redhat-list-bounces at redhat.com [mailto:redhat-list-
> bounces at redhat.com] On Behalf Of A.Fadyushin at it-centre.ru
> Sent: Wednesday, February 22, 2006 8:27 AM
> To: redhat-list at redhat.com
> Subject: RE: Regarding root access to telnet
> 
> I strongly recommend you to limit access to telnet port of your server
> using appropriate firewall/xinetd configuration so the telnet sessions
> would be allowed only from specified list of IP addresses before
> allowing root (or any other user) to use telnet for logging into the
> server.

This certainly is good advice.  I even make this standard practice for
ssh services.

However, it is not that telnet as a service is inherently insecure,
however, the protocol is. (software vs. network, I am sure someone is
going to take this out of context)

The main concern regarding telnet is the transmission of data in clear
text.
This means anyone in between you and the server can intercept/alter
session data, making it trivial to sniff passwords or perform other
malicious activities with your session.

As it is using anything less than ssh in my opinion is a severe
violation/disregard of best practices.


-T 

> 
> Alexey Fadyushin
> Brainbench MVP for Linux
> http://www.brainbench.com
> 
> > -----Original Message-----
> > From: redhat-list-bounces at redhat.com [mailto:redhat-list-
> > bounces at redhat.com] On Behalf Of jerome dsilva
> > Sent: Wednesday, February 22, 2006 7:49 AM
> > To: General Red Hat Linux discussion list
> > Subject: RE: Regarding root access to telnet
> >
> > Move the /etc/security file and you will be able to
> > login as root using telnet..
> > But this is not a good practice at all.
> >
> > Jerome
> >
> > --- ssevengor at tai.com.tr wrote:
> >
> > > Why root login using telnet, use ssh?
> > > This is very insecure and it is recommend disabling
> > > telnet.
> > > Serdar
> > >
> > > -----Original Message-----
> > > From: redhat-list-bounces at redhat.com
> > > [mailto:redhat-list-bounces at redhat.com] On Behalf Of
> > > Krishnaprasad
> > > Sent: Thursday, February 16, 2006 2:52 PM
> > > To: General Red Hat Linux discussion list
> > > Subject: Regarding root access to telnet
> > >
> > > hi all
> > >
> > > how can I enable root access to a machine through
> > > telnet.
> > >
> > > Thanks
> > > krishna
> > >
> > > --
> > > redhat-list mailing list
> > > unsubscribe
> > >
> > mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > > https://www.redhat.com/mailman/listinfo/redhat-list
> > >
> > > --
> > > redhat-list mailing list
> > > unsubscribe
> > >
> > mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > > https://www.redhat.com/mailman/listinfo/redhat-list
> > >
> >
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Tired of spam?  Yahoo! Mail has the best spam protection around
> > http://mail.yahoo.com
> >
> > --
> > redhat-list mailing list
> > unsubscribe
mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > https://www.redhat.com/mailman/listinfo/redhat-list
> 
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list




More information about the redhat-list mailing list