tripping over Telnet
Rick Stevens
rstevens at vitalstream.com
Fri Feb 27 20:01:27 UTC 2004
John Reynolds wrote:
>>On Fri, Feb 27, 2004 at 09:13:13AM -0800, Info wrote:
>>
>>>I just put RedHat 8 on a machine. I've been trying to telnet to it.
>>>But it refuses connections.
>>
>>Good for it.
>>
>>
>>>I've tried disabling the firewall.
>>>(Everytime I run the gui, it starts out with the firewall at high
>>>security.
>>
>>No, it doesn't.
>>
>>http://www.rhil.net/docs/faq.html#firewall>
>>
>>>Since box refuses to talk, I suspect that it is the case.)
>>>
>>>Anyone got a clue as to where the real enable Telnet switch is hiding?
>>
>>First, telnet is not just A Bad Idea, it's A Very Bad Idea. It is a
>>security hole you can drive a truck through. Use Secure SHell (SSH)
>>instead. See
>>
>>http://www.rhil.net/docs/security.html
>>
>>for a complete discussion.
>
>
> Nice work if you can get it, but some of us are locked in to supporting
> telnet-using systems, and we don't have the option of switching all 1000+
> systems to ssh.
Do whatever you wish. They're your systems and it's your system and
network security that's at risk. One of the FIRST things for a secure
lockdown is to disable any and all telnet access--from inside your
network as well as outside and firewall the hell out it.
To paraphrase the commercial, "Got hacked?"
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com -
- VitalStream, Inc. http://www.vitalstream.com -
- -
- I won't rise to the occasion, but I'll slide over to it. -
----------------------------------------------------------------------
More information about the Redhat-install-list
mailing list