On Thursday 28 May 2009 02:34:02 pm Wojciech Puchar wrote: > And yes - i do log as root by "insecure" rsh and telnet.
OK, I'm now promoting you to "batshit insane". Seriously, there's no excuse for running telnet - even in a "secure" (ha!) environment - when so much better alternatives exist. Let me shoot you a hypothetical: your webserver gets compromised. The intruder uses a little ARP poisoning to launch a MITM attack between your workstation and the database server. He comes back a couple hours later and uses your plaintext root password to make a backup of your database for his personal use. Oh, but that could never happen to you, because you run a PtP VPN between every pair of machines on your network, said network being separated from the Internet by a 2 meter air gap and a Doberman Pinscher. Seriously, using telnet today is flat-out stupid, and I'd fire you in a second if you brought that level of bullheaded incompetence into my company. </rant> -- Kirk Strauser _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
