Re: Telnet Exploit

From: Borja Marcos (borjamar@sarenet.es)
Date: 05/06/02 

From: Borja Marcos <borjamar@sarenet.es>
To: solarflux@ziplip.com
Date: Mon, 6 May 2002 23:03:09 +0200

On Monday 06 May 2002 21:37, you wrote:
> Why in the world are you using telnetd anyhow? You should be using SSHD
> and never telnetd. Telnetd should be 'forbidden'...

        Why? Do you think ssh is more secure? It may not be. Just think about the
complexity of ssh. It has been hit by a bug in zlib, for example. Or has zlib
had an audit as strict as ssh?

        Telnet has its problems, but we should not say that ssh is "more secure"
acritically. It is obvious that it has advantages, however.

        Borja.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Relevant Pages

  • POSIX nohup and SSH
    ... causes ssh to hang. ... claim it was telnetd that didn't ... I think that the POSIX nohup ... usage (int status) ...
    (comp.os.linux)
  • POSIX nohup and SSH
    ... causes ssh to hang. ... claim it was telnetd that didn't ... I think that the POSIX nohup ... usage (int status) ...
    (comp.unix.solaris)
  • Re: AdoreWorm
    ... >There is no reason I can think of to use ... >it on any modern server, because ssh clients are widely and freely ... didn't let ssh pass. ... I had no choice than to do everything via telnetd. ...
    (FreeBSD-Security)
  • Re: Telnet Exploit
    ... You should be using SSHD ... >> and never telnetd. ... It has been hit by a bug in zlib, ... When looking at a telnet or ftp connection, it shows everything, clear as ...
    (FreeBSD-Security)
  • Re: RedHat 7.2
    ... >>> stupid services, including ftpd, rshd, and telnetd instead of leaving ... > months has been that of an exploitable buffer overflow in the SSH daemon. ... The hole was fixed in OpenSSH for something like a year before it got ... vendors to publish source code or even admit the holes exist once ...
    (comp.os.linux.security)
Loading