Subject: Re: moving telnet to another port
To: Paul Goyette <email@example.com>
From: Dr. Bill Studenmund <firstname.lastname@example.org>
Date: 11/05/1998 17:10:46
On Thu, 5 Nov 1998, Paul Goyette wrote:
> On Thu, 5 Nov 1998, Dr. Bill Studenmund wrote:
> > I think editing /etc/services to renumber the telnet service would be a
> > mistake. Either just camp telnet on another service's port, or add
> > something like a "joetelnet" at a new port #.
> Actually, according to the man page, telnetd looks in /etc/services and
> the only reason this could is to find out what port to listen on.
> (Caveat: this is only from a "logical" perspective; I have NOT read
> the source code for telnetd!)
?? Are you sure? The 1.3.2 man page says that inetd looks in /etc/services
to know where to hook up telnetd. telnetd should just take the sockets its
given, and seems to. I've had multiple telnetd's running on a machine
(some with kerberos, some w/o).
> > Nope, that's it. Your telnet will still be as (in)secure as before, just
> > external intruders won't know where to look for it.
> Yep. I strongly recommend using ssh if you want security, and disable
> telnet as well as all the r things (rlogin, rsh, rcmd).
Right. Though ssh works really well in place of rsh, rcp, etc..