agreed, For proof, just run a sniffer on the network segment as you login as root, you will see, in plaintext, your root password. (and any smtp passwords from mail clients, but that's a different problem... ;) Regards, Gavin McDonald ======================== EVI Logistic Enterprises email: me@xxxxxxxxxxxx phone: (604) 313-3845 > -----Original Message----- > From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list- > bounces@xxxxxxxxxx] On Behalf Of Tobias Speckbacher > Sent: Wednesday, February 22, 2006 10:22 AM > To: General Red Hat Linux discussion list > Subject: RE: Regarding root access to telnet > > > -----Original Message----- > > From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list- > > bounces@xxxxxxxxxx] On Behalf Of A.Fadyushin@xxxxxxxxxxxx > > Sent: Wednesday, February 22, 2006 8:27 AM > > To: redhat-list@xxxxxxxxxx > > Subject: RE: Regarding root access to telnet > > > > I strongly recommend you to limit access to telnet port of your server > > using appropriate firewall/xinetd configuration so the telnet sessions > > would be allowed only from specified list of IP addresses before > > allowing root (or any other user) to use telnet for logging into the > > server. > > This certainly is good advice. I even make this standard practice for > ssh services. > > However, it is not that telnet as a service is inherently insecure, > however, the protocol is. (software vs. network, I am sure someone is > going to take this out of context) > > The main concern regarding telnet is the transmission of data in clear > text. > This means anyone in between you and the server can intercept/alter > session data, making it trivial to sniff passwords or perform other > malicious activities with your session. > > As it is using anything less than ssh in my opinion is a severe > violation/disregard of best practices. > > > -T > > > > > Alexey Fadyushin > > Brainbench MVP for Linux > > http://www.brainbench.com > > > > > -----Original Message----- > > > From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list- > > > bounces@xxxxxxxxxx] On Behalf Of jerome dsilva > > > Sent: Wednesday, February 22, 2006 7:49 AM > > > To: General Red Hat Linux discussion list > > > Subject: RE: Regarding root access to telnet > > > > > > Move the /etc/security file and you will be able to > > > login as root using telnet.. > > > But this is not a good practice at all. > > > > > > Jerome > > > > > > --- ssevengor@xxxxxxxxxx wrote: > > > > > > > Why root login using telnet, use ssh? > > > > This is very insecure and it is recommend disabling > > > > telnet. > > > > Serdar > > > > > > > > -----Original Message----- > > > > From: redhat-list-bounces@xxxxxxxxxx > > > > [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of > > > > Krishnaprasad > > > > Sent: Thursday, February 16, 2006 2:52 PM > > > > To: General Red Hat Linux discussion list > > > > Subject: Regarding root access to telnet > > > > > > > > hi all > > > > > > > > how can I enable root access to a machine through > > > > telnet. > > > > > > > > Thanks > > > > krishna > > > > > > > > -- > > > > redhat-list mailing list > > > > unsubscribe > > > > > > > mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > > > > https://www.redhat.com/mailman/listinfo/redhat-list > > > > > > > > -- > > > > redhat-list mailing list > > > > unsubscribe > > > > > > > mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > > > > https://www.redhat.com/mailman/listinfo/redhat-list > > > > > > > > > > > > > __________________________________________________ > > > Do You Yahoo!? > > > Tired of spam? Yahoo! Mail has the best spam protection around > > > http://mail.yahoo.com > > > > > > -- > > > redhat-list mailing list > > > unsubscribe > mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > > > https://www.redhat.com/mailman/listinfo/redhat-list > > > > -- > > redhat-list mailing list > > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > > https://www.redhat.com/mailman/listinfo/redhat-list > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
