On Thu, Apr 27, 2000 at 09:02:05AM -0400, Noah L. Meyerhans wrote: > > Add the following line to /etc/apt/sources.list: > deb http://non-us.debian.org /potato/non-US main contrib non-free > > On the other hand, I do not feel as strongly as other posters that telnet > needs to be disabled in order to have a secure machine. Strong passwords > will work just as well. I have an account on a large Solaris network > where telnet has been open for ages, and will continue to be. The passwd > program in *incredibly* anal about ensuring that all passwords are > complex. To my knowledge there has never been a significant security > breach on this network. it does not matter how good your password is if someone gets a sniffer on your network they WILL see it flying around in plaintext. now if you talking about just having telnet open and accounts with good passwords, and nobody ever uses telnet (thus blabbing there passwords to everyone who is listening) then yeah telnet is not really a problem, other then being yet another service running. -- Ethan Benson http://www.alaska.net/~erbenson/
Attachment:
pgpbUjQrEn4ox.pgp
Description: PGP signature