[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: hacked?

On Thu, Apr 27, 2000 at 09:02:05AM -0400, Noah L. Meyerhans wrote:
> Add the following line to /etc/apt/sources.list:
> deb http://non-us.debian.org /potato/non-US main contrib non-free
> On the other hand, I do not feel as strongly as other posters that telnet
> needs to be disabled in order to have a secure machine.  Strong passwords
> will work just as well.  I have an account on a large Solaris network
> where telnet has been open for ages, and will continue to be.  The passwd
> program in *incredibly* anal about ensuring that all passwords are
> complex.  To my knowledge there has never been a significant security
> breach on this network.

it does not matter how good your password is if someone gets a sniffer
on your network they WILL see it flying around in plaintext.   now if
you talking about just having telnet open and accounts with good
passwords, and nobody ever uses telnet (thus blabbing there passwords
to everyone who is listening) then yeah telnet is not really a
problem, other then being yet another service running. 

Ethan Benson

Attachment: pgpO14TKF_52f.pgp
Description: PGP signature

Reply to: