Incoming from Rick Moen: > Quoting Milan Jurik ([EMAIL PROTECTED]): > > > The question isn't if stop using telnet. The question is why Debian's > > telnetd is still vunerable. > > I'd apologise for the off-topic digression -- if I thought I'd given > offence. ;->
No-one should have to apologise for warning against bad security practices. $DEITY knows the Windows crowd doesn't care about it, but we're better than that, right? One unpatched Microsh*t box in your LAN, and one nitwit using IE, and your whole network is owned. It would be irresponsible not to warn others about it. If/when they get in, they can also get a sniffer in. If you're running telnet, you're fooling yourself. If you're using ssh ubiquitously, that's yet another vector closed to them. I don't have a lot of patience for those who think, "Yes, we know the risks, but we'd rather not change." Evolution in action, indeed. -- Any technology distinguishable from magic is insufficiently advanced. (*) http://www.spots.ab.ca/~keeling - -
