Subject: Re: telnetd core
To: Wojciech Puchar <wojtek@tensor.3miasto.net>
From: None <yid@softhome.net>
List: netbsd-users
Date: 12/29/2002 20:11:58
On Sun, Dec 29, 2002 at 05:23:56PM +0100, Wojciech Puchar wrote:
> > > is telnetd exploitable??! any protection?
> >
> > stop and forbid using telnet, that's the best protection you can get... :o)
> >
> this is not an answer. and bad advise - as everything like "this is bad
> because is bad"
Telnet is insecure by design, it sends the passwords in cleartext where
anyone can read them. Only offer it if the users can't connect with ssh.
With putty for Windows; and openssh on all *nix OSs, often included
in the default install, not having ssh is really no longer an excuse.