[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Securing telnet

On Tue, Jul 04, 2000 at 01:23:49PM -0700, kmself@ix.netcom.com wrote:
> On Tue, Jul 04, 2000 at 03:29:16PM +0100, Patrick Kirk wrote:
> > Hi all,
> > 
> > I've just installed a Debian server for a chap who insists on using
> > telnet from Windows boxes within the LAN if he wants to login.  I want
> > to restrict this so that telnet can be done from the range but
> > ssh can be used from anywhere, even if reverse DNS isn't available.
> > That's because I want to be able to login myself and fix things from
> > wherever I happen to be.
> > 
> > I have set hosts.deny as blank and hosts.allow as ALL: ALL
> This is dangeroous.  /etc/hosts.deny should be "ALL:ALL", and selected
> clients should be allowed for selected domains in /etc/hosts.allow.
> > Any thoughts on how to set up the rules to allows the setup above?
> I'd also look into ssh clients for Windows.  I know there are Java
> clients available.

And then there's putty, just over 200KB, and is OK (or so I've heard).
If you wanna pay $$ many of the good ppl on misc@OpenBSD.org says
Vandyke <http://www.vandyke.com> SecureCRT is very good, with many
features ...

Just my .02 euro


Morten Liebach <morten@hotpost.dk> ; http://home1.stofanet.dk/liebach
"Our scientific power has outrun our spiritual power. We have guided
 missiles and misguided men (Martin Luther King, Jr.)"

Reply to: