Re: tripping over Telnet

[Rick Stevens <rstevens vitalstream com>]

John Reynolds wrote:
> > On Fri, Feb 27, 2004 at 09:13:13AM -0800, Info wrote:
> >
> > > I just put RedHat 8 on a machine.  I've been trying to telnet to it.
> > > But it refuses connections.
> >
> > Good for it.
> >
> >
> > > I've tried disabling the firewall.
> > > (Everytime I run the gui, it starts out with the firewall at high
> > > security.
> >
> > No, it doesn't.
> >
> > http://www.rhil.net/docs/faq.html#firewall>
> >
> > > Since box refuses to talk, I suspect that it is the case.)
> > >
> > > Anyone got a clue as to where the real enable Telnet switch is hiding? 
> >
> > First, telnet is not just A Bad Idea, it's A Very Bad Idea.  It is a
> > security hole you can drive a truck through.  Use Secure SHell (SSH)
> > instead.  See
> >
> > http://www.rhil.net/docs/security.html
> >
> > for a complete discussion.
>
>
> Nice work if you can get it, but some of us are locked in to supporting 
> telnet-using systems, and we don't have the option of switching all 1000+ 
> systems to ssh.

Do whatever you wish.  They're your systems and it's your system and
network security that's at risk.  One of the FIRST things for a secure
lockdown is to disable any and all telnet access--from inside your
network as well as outside and firewall the hell out it.

To paraphrase the commercial, "Got hacked?"
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer     rstevens vitalstream com -
- VitalStream, Inc.                       http://www.vitalstream.com -
-                                                                    -
-      I won't rise to the occasion, but I'll slide over to it.      -
----------------------------------------------------------------------