On Thu, Apr 27, 2000 at 09:02:05AM -0400, Noah L. Meyerhans wrote: [...]
> On the other hand, I do not feel as strongly as other posters that telnet
> needs to be disabled in order to have a secure machine. Strong passwords
> will work just as well. I have an account on a large Solaris network
> where telnet has been open for ages, and will continue to be. The passwd
> program in *incredibly* anal about ensuring that all passwords are
> complex. To my knowledge there has never been a significant security
> breach on this network.
>
> noah
Noah:
Dittos on what people have said regarding telnet and sniffers.
And if you're wondering where that sniffer might be, take a look at
Trinux sometime. Floppy linux distro, boot a box on it, schedule a
reboot, and sniff away on any random x86 to your heart's content.
Security models based on a trusted network are severly broken unless you
can verify that *all* hosts on the net are friendly. Practically
impossible for n > 1, and possibly not valid for n = 1.
--
Karsten M. Self <kmself@ix.netcom.com> http:/www.netcom.com/~kmself
What part of "Gestalt" don't you understand?
http://gestalt-system.sourceforge.net/
GPG fingerprint: F932 8B25 5FDD 2528 D595 DC61 3847 889F 55F2 B9B0
pgpP7D6PmGvX0.pgp
Description: PGP signature
