Re: in.telnetd vulnerability??

From: stephen@acgroup.ucsc.edu
Date: 08/03/01


Date: Fri, 3 Aug 2001 07:35:44 -0700 (PDT)
From: <stephen@acgroup.ucsc.edu>
To: Stephen J Fralich <sjfralic@ecs.syr.edu>
Subject: Re: in.telnetd vulnerability??
Message-ID: <Pine.GSO.4.31.0108030732550.19849-100000@cavecanem.ucsc.edu>


Well we are taking a Draconian path and telling our users that the
love affair with telnet is over. It wasn't that hard. We simply
make it sound like a better telnet that will hide all of there
sensitive information from snoopers on the net. Unless they are
really good snoopers.

Security here has become such an issue, since we have been hit
and compromised (inconvenienced) so many times that our users
jump at software that will make things a lot more secure.

Let's hope our marketing doesn't backfire... ;-)

Stephen Hauskins
Academic Computing Group
Natural Sciences Division

Omnia iam fient fieri quae posse negabam

On Thu, 2 Aug 2001, Stephen J Fralich wrote:

> ssh is used for any administrative work, but I'll let you come tell my
> users they have to run a different program or *gasp* install a new program
> on their own machines if they want to use the systems...heresy!! Well,
> until the system get's compromised...then it would be why wasn't the
> system more secure?
>
> Stephen's Rule #1 of Computer Support: If they're not complaining about
> their problems, they're complaining about your solution.
>
> Stephen ;-)
>
> ---------------------------------------------------------------------
> Computer & Information Technologies help@ecs.syr.edu
> LC Smith College of Engineering Link 130, 443-4308
> Syracuse University
>
> On Thu, 2 Aug 2001 stephen@acgroup.ucsc.edu wrote:
>
> >
> > Move to secure shell...
> >
> > Afterall, telnet will never be secure.
> >
> >
> >
> > Stephen Hauskins
> > Academic Computing Group
> > Natural Sciences Division
> >
> > Omnia iam fient fieri quae posse negabam
> >
> >
> > On Thu, 2 Aug 2001, stlburks wrote:
> >
> > > I find nothing in SunSolve about the recent BSD based telnetd vulnerabilities.
> > > Is it Sun position that this is not a problem for Solaris telnet?
> > >
> > > Steph
> > >
> > >
> > > =================================================================
> > >
> > > Stephanie Burks
> > > Systems Programmer
> > > Research and Technical Services
> > > University Information Technology Services
> > > Indiana University
> > > http://php.indiana.edu/~stlburks
> > > (812) 856-5078
> > >
> > > =================================================================
> > >
> > >
> >
>
>



Relevant Pages

  • Re: in.telnetd vulnerability??
    ... Subject: in.telnetd vulnerability?? ... they're complaining about your solution. ... > Move to secure shell... ... >> Is it Sun position that this is not a problem for Solaris telnet? ...
    (Focus-SUN)
  • Re: vpn on FC1
    ... Forget telnet, it's superceded by SSH. ... >>We need secure remote access to a few TCP servers running ... > And just use POP3S and IMAPS instead of the normal daemons without ...
    (Fedora)
  • Re: in.telnetd vulnerability??
    ... Subject: in.telnetd vulnerability?? ... >Afterall, telnet will never be secure. ... >> Is it Sun position that this is not a problem for Solaris telnet? ...
    (Focus-SUN)
  • Re: Can access secure site from dial-up but not from LAN network
    ... Telnet to amazon.com works as you describe, however the telnet to the secure ... web site gets a connect failed message. ... From the same computer, I dial-up ...
    (microsoft.public.security)
  • Re: in.telnetd vulnerability??
    ... Subject: in.telnetd vulnerability?? ... telnet will never be secure. ... Omnia iam fient fieri quae posse negabam ...
    (Focus-SUN)