Re: Dropping telnetd and rsh* for security reasons?
On Thu, 2003-05-15 at 08:57, Paul Johnson wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Thu, May 15, 2003 at 08:31:27AM -0400, Andrew Perrin wrote:
> > Please don't do this! I need telnetd for a specific application, for which
> > ssh is not practical. I know the risks and accept them. Put a dire warning
> > on the screen when installing if you must, but don't drop the opportunity
> > just to protect me from myself.
>
> I was thinking slightly more altruistically: Protecting you (which is
> not exclusive to Mr. Perrin by any means) from the rest of the net.
> My rationale is basically two-pronged:
>
> 1) The various rsh packages have been largely, if not totally,
> replaced by ssh. Now, since rsh has a tendancy of basically
> shouting whatever goes across it in plaintext across the network,
> rsh isn't exactly a sane item to be keeping on the net if you don't
> like the idea of anybody who 0wnzed a router your connection
> happens to be going through being able to gain access to your box.
>
> 2) telnetd's functionality has been entirely replaced by ssh, and Free
> ssh clients are available on damn near every platform out there
> natively, and anything with a java interpreter. People who know
> they're in a specialty environment could either compile it
> themselves (since it's a really small package) or make a backport
> and submit it to apt-get.org.
telnet is useful because it's on all Windows machines stretching back
probably to Win3.1. In other words, it's the lowest common denominator.
--
+---------------------------------------------------------------+
| Ron Johnson, Jr. mailto:ron.l.johnson@cox.net |
| Jefferson, LA USA http://members.cox.net/ron.l.johnson |
| |
| The purpose of the military isn't to pay your college tuition |
| or give you a little extra income; it's to "kill people and |
| break things". Surprisingly, not everyone understands that. |
+---------------------------------------------------------------+
Reply to: