[Full-Disclosure] Re: Re: open telnet port
ahaning at gmail.com
Thu Sep 9 18:10:15 BST 2004
> If you need this on as the norm, please at least use TCP wrappers to
> limit from where it can be accessed, and change any used passwords
> immediately after reestablishing control.
I think the real insecurity in telnet comes not from buffer-overflows
and whatnot, but rather from people sniffing the network and getting
your password in a nice convenient program window. Actually, my guess
is that the telnet daemon is probably quite secure in terms of remote
Try it sometime on a small temporary network. Start ethereal and then
login over telnet to some machine. Right-click on a telnet packet and
select "Follow TCP Stream". In the next window, view the stream as
ASCII. Hey, look, it's your password. This is what convinced me that
telnet is bad.
Full-Disclosure is hosted and sponsored by Secunia.
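
What "Follow TCP Stream" leaves on screen in the test described above, as an added example that is not part of the original post: the client-to-server bytes of a telnet session are plain ASCII once the RFC 854 in-band commands are stripped. The byte string, the username and the password below are constructed sample values, and the function names are made up for this illustration.

```python
# Added illustration: telnet (RFC 854) gives no confidentiality; in-band
# commands start with IAC (0xFF) and everything else is the typed text.
IAC, SE, SB = 0xFF, 0xF0, 0xFA
NEGOTIATION = {0xFB, 0xFC, 0xFD, 0xFE}  # WILL, WONT, DO, DONT (+1 option byte)

def strip_telnet_commands(stream: bytes) -> bytes:
    """Return the user data from one direction of a telnet stream."""
    out = bytearray()
    i, n = 0, len(stream)
    while i < n:
        if stream[i] != IAC:
            out.append(stream[i])
            i += 1
            continue
        if i + 1 >= n:                 # capture ends in the middle of a command
            break
        cmd = stream[i + 1]
        if cmd == IAC:                 # IAC IAC is an escaped literal 0xFF
            out.append(IAC)
            i += 2
        elif cmd in NEGOTIATION:       # IAC <verb> <option>
            i += 3
        elif cmd == SB:                # subnegotiation runs until IAC SE
            j = i + 2
            while j + 1 < n and not (stream[j] == IAC and stream[j + 1] == SE):
                j += 2 if stream[j] == IAC else 1   # skip IAC IAC inside SB
            i = j + 2
        else:                          # other two-byte commands (NOP, GA, ...)
            i += 2
    return bytes(out)

def typed_lines(client_stream: bytes) -> list[str]:
    """Split the cleaned client data on telnet newlines (CR NUL or CR LF)."""
    data = strip_telnet_commands(client_stream)
    data = data.replace(b"\r\x00", b"\n").replace(b"\r\n", b"\n")
    return [l.decode("ascii", "replace") for l in data.split(b"\n") if l]

# Constructed client-to-server bytes of a login (not a real capture).
CLIENT_TO_SERVER = (
    b"\xff\xfb\x18"                       # IAC WILL TERMINAL-TYPE
    b"\xff\xfa\x18\x00xterm\xff\xf0"      # IAC SB TERMINAL-TYPE IS xterm IAC SE
    b"\xff\xfd\x01"                       # IAC DO ECHO
    b"alice\r\x00"                        # typed at "login:"
    b"example-password\r\x00"             # typed at "Password:"
)

if __name__ == "__main__":
    for line in typed_lines(CLIENT_TO_SERVER):
        print(line)
```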