[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: Regarding root access to telnet



agreed,

For proof, just run a sniffer on the network segment as you login as root,
you will see, in plaintext, your root password.  (and any smtp passwords
from mail clients, but that's a different problem... ;)  

Regards,

Gavin McDonald
========================
EVI Logistic Enterprises
email: me gavitron com
phone: (604) 313-3845



> -----Original Message-----
> From: redhat-list-bounces redhat com [mailto:redhat-list-
> bounces redhat com] On Behalf Of Tobias Speckbacher
> Sent: Wednesday, February 22, 2006 10:22 AM
> To: General Red Hat Linux discussion list
> Subject: RE: Regarding root access to telnet
> 
> > -----Original Message-----
> > From: redhat-list-bounces redhat com [mailto:redhat-list-
> > bounces redhat com] On Behalf Of A Fadyushin it-centre ru
> > Sent: Wednesday, February 22, 2006 8:27 AM
> > To: redhat-list redhat com
> > Subject: RE: Regarding root access to telnet
> >
> > I strongly recommend you to limit access to telnet port of your server
> > using appropriate firewall/xinetd configuration so the telnet sessions
> > would be allowed only from specified list of IP addresses before
> > allowing root (or any other user) to use telnet for logging into the
> > server.
> 
> This certainly is good advice.  I even make this standard practice for
> ssh services.
> 
> However, it is not that telnet as a service is inherently insecure,
> however, the protocol is. (software vs. network, I am sure someone is
> going to take this out of context)
> 
> The main concern regarding telnet is the transmission of data in clear
> text.
> This means anyone in between you and the server can intercept/alter
> session data, making it trivial to sniff passwords or perform other
> malicious activities with your session.
> 
> As it is using anything less than ssh in my opinion is a severe
> violation/disregard of best practices.
> 
> 
> -T
> 
> >
> > Alexey Fadyushin
> > Brainbench MVP for Linux
> > http://www.brainbench.com
> >
> > > -----Original Message-----
> > > From: redhat-list-bounces redhat com [mailto:redhat-list-
> > > bounces redhat com] On Behalf Of jerome dsilva
> > > Sent: Wednesday, February 22, 2006 7:49 AM
> > > To: General Red Hat Linux discussion list
> > > Subject: RE: Regarding root access to telnet
> > >
> > > Move the /etc/security file and you will be able to
> > > login as root using telnet..
> > > But this is not a good practice at all.
> > >
> > > Jerome
> > >
> > > --- ssevengor tai com tr wrote:
> > >
> > > > Why root login using telnet, use ssh?
> > > > This is very insecure and it is recommend disabling
> > > > telnet.
> > > > Serdar
> > > >
> > > > -----Original Message-----
> > > > From: redhat-list-bounces redhat com
> > > > [mailto:redhat-list-bounces redhat com] On Behalf Of
> > > > Krishnaprasad
> > > > Sent: Thursday, February 16, 2006 2:52 PM
> > > > To: General Red Hat Linux discussion list
> > > > Subject: Regarding root access to telnet
> > > >
> > > > hi all
> > > >
> > > > how can I enable root access to a machine through
> > > > telnet.
> > > >
> > > > Thanks
> > > > krishna
> > > >
> > > > --
> > > > redhat-list mailing list
> > > > unsubscribe
> > > >
> > > mailto:redhat-list-request redhat com?subject=unsubscribe
> > > > https://www.redhat.com/mailman/listinfo/redhat-list
> > > >
> > > > --
> > > > redhat-list mailing list
> > > > unsubscribe
> > > >
> > > mailto:redhat-list-request redhat com?subject=unsubscribe
> > > > https://www.redhat.com/mailman/listinfo/redhat-list
> > > >
> > >
> > >
> > > __________________________________________________
> > > Do You Yahoo!?
> > > Tired of spam?  Yahoo! Mail has the best spam protection around
> > > http://mail.yahoo.com
> > >
> > > --
> > > redhat-list mailing list
> > > unsubscribe
> mailto:redhat-list-request redhat com?subject=unsubscribe
> > > https://www.redhat.com/mailman/listinfo/redhat-list
> >
> > --
> > redhat-list mailing list
> > unsubscribe mailto:redhat-list-request redhat com?subject=unsubscribe
> > https://www.redhat.com/mailman/listinfo/redhat-list
> 
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request redhat com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]