adius servers.
If i run telnetd(via inetd) with -X sra option (or if second machine does
not support SRA), if I add mentioned line to pam.d/login file, it correctly
uses radius servers for authentication..
but if SRA connection is set, it seems that authentication is done kinda
locally..
in
On Sat, 2007-03-10 at 22:52 +0100, Wojciech Puchar wrote:
> can it be set to make possible to login root to machine through telnet and
> without telneting to some user and then su -
> ?
>
> with sshd and rshd it can be set, with telnetd - no success.
>
My reasons for thi
Once I setted up a mailserver with more that 2000 users
with a single freebsd sendmailin a small machine (1Ghz,512Mb memory,
Freebsd 4.X) one internet connection.. with virtual users,
mailertable... and it
worked for years... by the way... it had telnetd avaiable...
exactly like me. i do
...
;;
;; :;
;:' :;
;:; ;.
,:' ; OOO\
::; ; O\
;:; ;
,;::; ;' / OOO
;:`. ,,,;./ / DOO
Maybe you are, but even so, do you still use V7 on a PDP/11 or 32V on a VAX,
make dumps to DECtape, or use a VT100? There's something to be said for
i still have (in many places) Wyse 120 terminals i've got for free,
including one at home :)
works at vt220 at 38400 baud, very well
On 11/03/07, Sergio Lenzi <[EMAIL PROTECTED]> wrote:
> What do you gain by allowing telnet access to your hosts that you don't
> get with ssh?
>
> Paul Schmehl ([EMAIL PROTECTED])
> Senior Information Security Analyst
> The University of Texas at Dallas
> http://www.utdallas.edu/ir/security/
>
On Sun, 11 Mar 2007 21:46:50 +0100 (CET)
Wojciech Puchar <[EMAIL PROTECTED]> wrote:
> > I believe the following sums up my feeling on the matter.
> >
> > It is not the OS's job to stop you from shooting yourself in the
> > foot.
>
> boom... i'm dead..
> at least for 4 years :)
Sorry to hear th
I still
use sendmail and telnet...
Once I setted up a mailserver with more that 2000 users
with a single freebsd sendmailin a small machine (1Ghz,512Mb memory,
Freebsd 4.X) one internet connection.. with virtual users,
mailertable... and it
worked for years... by the way... it had te
I believe the following sums up my feeling on the matter.
It is not the OS's job to stop you from shooting yourself in the foot.
boom... i'm dead..
at least for 4 years :)
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman
On Sun, 11 Mar 2007 16:20:03 +
Hugo Silva <[EMAIL PROTECTED]> wrote:
[...]
> Oh well, your server, your password. Just don't say you were not
> warned.
I believe the following sums up my feeling on the matter.
It is not the OS's job to stop you from shooting yourself in the foot.
Rather, if
On 11/03/07, Wojciech Puchar <[EMAIL PROTECTED]> wrote:
> There have been *many* problems over the years with rsh and telnet. rsh's
> security model comes from a time when people thought computers would never
exactly true. so i use rsh between MY machines and rsh and telnet when
sniffing is not
--On March 11, 2007 11:22:42 AM -0300 Sergio Lenzi <[EMAIL PROTECTED]>
wrote:
7) telnet to your server
should now allow root login
What do you gain by allowing telnet access to your hosts that you don't
get with ssh?
Paul Schmehl ([EMAIL PROTECTED])
Senior Information Security Analyst
Th
in the case of ssh), or in http...
A "normal" FreeBSD 6.2 or an OpenBSD, is incredible solid...
Indeed, that's exactly why it comes with sshd instead of telnetd and
they both DO NOT allow root logins by default.
You must know the "superuser" login AND the passw
Wojciech Puchar wrote:
Err, sure; and for completeness, be sure and send the IP back to this
list, and publish it on the front page of your website/blog/whatnot.
and what if i will? do you know my root password?
OK, cynicism aside, why on earth would you want to do this? That's a
fool's e
works fine. thank you very much (point 6 wasn't needed)
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
So. resuming:
1) change some lines in /etc/ttys to:
ttyp0 nonenetwork off secure
ttyp1 nonenetwork off secure
ttyp2 nonenetwork off secure
ttyp3 nonenetwork off secure
ttyp4 none
Hello...
I see you issues about telenet...
I use the inetd+telnet for more than 20 years and using BSD
with RSA, and obviiously with a good password.
I have never been cracked down...
and I have 10 of my /etc/ttys entries setted to "secure"
ttyp0 nonenetwork off secure
There have been *many* problems over the years with rsh and telnet. rsh's
security model comes from a time when people thought computers would never
exactly true. so i use rsh between MY machines and rsh and telnet when
sniffing is not a problem.
wasn't easier just to answer the question?
___
Wojciech Puchar wrote:
can it be set to make possible to login root to machine through
telnet and without telneting to some user and then su -
?
with sshd and rshd it can be set, with telnetd - no success.
once again - can someone answer my question instead of giving very
"intell
Wojciech Puchar wrote:
so generalizing that "telnet and rsh is bad" is as stupid as telling
that oxygen is bad as it makes fires.
Well, that's true, but if you have the choice, there are better choices.
You *can* hammer in nails with the butt of a gun, but there's a chance
you'll somehow shoot
d idea though. The reason
it works. but it is strange solution, as rshd and sshd can be set up this
way.
why telnetd can't?
i tried allow_root in /etc/pam.d/telnetd every place (like with
/etc/pam/rsh) and it doesn't work.
something with ssh - you can allow ssh RootLogin, but not
2001:4070:101:1::2
through telnetd
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
if you are so intelligent?
There are and have been many known exploits through telnet. The most
recent one a couple of weeks ago affects SunOS where you can, using
telnet, get root privileges without even logging in as root. Telnet
does it affect FreeBSD?
On 11/03/07, Wojciech Puchar <[EMAIL PROTECTED]> wrote:
>>
>> with sshd and rshd it can be set, with telnetd - no success.
>
> That is a REALLY BAD idea. Why don't you just publish your address and
> set the root password to nothing. It's only going to ta
On Saturday 10 March 2007 22:14, Wojciech Puchar said:
> >> with sshd and rshd it can be set, with telnetd - no success.
> >
> > That is a REALLY BAD idea. Why don't you just publish your
> > address and set the root password to nothing. It's only going to
>
with sshd and rshd it can be set, with telnetd - no success.
That is a REALLY BAD idea. Why don't you just publish your address and
set the root password to nothing. It's only going to take a cracker a
couple of minutes or less to own your server once they find you (and
they will).
alert tcp $TELNET_SERVERS 23 -> $EXTERNAL_NET any (msg:"TELNET root login";
flow
:from_server,established; content:"login|3A| root";
classtype:suspicious-login;
sid:719; rev:7;)
could you please tell me who will be snorting it on MY network?
Of course, if you really want to do this, I agree
On Mar 10, 2007, at 11:16 PM, Wojciech Puchar wrote:
can it be set to make possible to login root to machine through
telnet and without telneting to some user and then su -
?
with sshd and rshd it can be set, with telnetd - no success.
once again - can someone answer my question instead of
can it be set to make possible to login root to machine through telnet and
without telneting to some user and then su -
?
with sshd and rshd it can be set, with telnetd - no success.
once again - can someone answer my question instead of giving very
"intelligent"
Err, sure; and for completeness, be sure and send the IP back to this list,
and publish it on the front page of your website/blog/whatnot.
and what if i will? do you know my root password?
OK, cynicism aside, why on earth would you want to do this? That's a fool's
errand in today's world.
rough
telnet and without telneting to some user and then su -
?
with sshd and rshd it can be set, with telnetd - no success.
That is a REALLY BAD idea. Why don't you just publish your address and
set the root password to nothing. It's only going to take a cracker a
couple of minutes
On Saturday 10 March 2007 12:52, Wojciech Puchar said:
> can it be set to make possible to login root to machine through
> telnet and without telneting to some user and then su -
> ?
>
> with sshd and rshd it can be set, with telnetd - no success.
That is a REALLY BAD idea. Why
Wojciech Puchar wrote:
can it be set to make possible to login root to machine through telnet
and without telneting to some user and then su -
?
with sshd and rshd it can be set, with telnetd - no success.
Err, sure; and for completeness, be sure and send the IP back to this
list, and
can it be set to make possible to login root to machine through telnet and
without telneting to some user and then su -
?
with sshd and rshd it can be set, with telnetd - no success.
thank you
___
freebsd-questions@freebsd.org mailing list
http
>-Original Message-
>From: Peter Clutton [mailto:[EMAIL PROTECTED]
>Sent: Sunday, December 04, 2005 3:16 AM
>To: Ted Mittelstaedt
>Cc: Stevan Tiefert; freebsd-questions@freebsd.org
>Subject: Re: FreeBSD telnetd and Microsoft Internet Explorer
>
>
>On 12/3/0
On 12/3/05, Ted Mittelstaedt <[EMAIL PROTECTED]> wrote:
>
> Whoah whoah whoah
>
> Guys, I have several 5.4 servers.
>
> Hitting them with IE 6.0.2800.1106 ftp client I
> get NO PROBLEMS seeing dot files. I DO NOT see
> the behavior that the OP claims. NOR do I see the
> behavior that you guys
st login
on this allegedly bad FreeBSD system of yours.
Ted
>-Original Message-
>From: [EMAIL PROTECTED]
>[mailto:[EMAIL PROTECTED] Behalf Of Peter Clutton
>Sent: Thursday, December 01, 2005 4:26 AM
>To: Stevan Tiefert
>Cc: freebsd-questions@freebsd.org
>Subject: Re: FreeBS
On 12/1/05, Stevan Tiefert <[EMAIL PROTECTED]> wrote:
> Am Donnerstag, 1. Dezember 2005 06:37 schrieb Peter Clutton:
> Thanks for your off-topic message... You helped very well to solve a
> problem. :-(
Well actually I did help solve the problem, because the problem is
most likely your client. It
On 2005-12-01 09:51, Stevan Tiefert <[EMAIL PROTECTED]> wrote:
> Am Donnerstag, 1. Dezember 2005 06:37 schrieb Peter Clutton:
> 8<
> ... funny things...
> 8<
>
> Thanks for your off-topic message... You helped very well to solve a
> problem. :-(
> Now everyb
Am Donnerstag, 1. Dezember 2005 06:37 schrieb Peter Clutton:
8<
... funny things...
8<
Thanks for your off-topic message... You helped very well to solve a
problem. :-(
Now everybody knows where the problem is, or not? There are many ftp-sites
where IE can
On 12/1/05, Giorgos Keramidas <[EMAIL PROTECTED]> wrote:
> On 2005-11-30 14:05, Stevan Tiefert <[EMAIL PROTECTED]> wrote:
> > Internet Explorer is showing the filenames and time (of the ftpd)
> > together as one filename?!? That means on ftpd:
> >
> > $ ls -al .login
> > -rw-r--r-- 1 user user 248
On 2005-11-30 14:05, Stevan Tiefert <[EMAIL PROTECTED]> wrote:
> Hello list,
>
> on my machine there runs a telnetd started via inetd. It is not an
> anonymous ftpd. When I access the directories of an user with Internet
> Explorer I got strange outputs on my screen. The d
Hello list,
on my machine there runs a telnetd started via inetd. It is not an
anonymous ftpd. When I access the directories of an user with Internet
Explorer I got strange outputs on my screen. The described szene is not
happening if I use the telnet on cmd.exe.
Internet Explorer is
chine with inetd running
and telnetd enabled already in its inetd.conf..
However, my telnet client said the following:
Trying KERBEROS5
(host/[EMAIL PROTECTED])...
]
[ Kerberos V5 refuses authentication because
krb5_sock_to_principal failed ]..
Some of kerberos clients are already installed by
de
Any luck with fixing tn3270 yet?
--
Phil Helms
[EMAIL PROTECTED]
303-595-1524
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Hello,
> On Sun, Mar 14, 2004 at 06:01:37AM +0100, Alex de Kruijff wrote:
> > On Sun, Mar 14, 2004 at 05:52:04AM +0100, Alex de Kruijff wrote:
> > > On Thu, Mar 11, 2004 at 09:34:16PM -0600, Paul Seniura wrote:
>
> > > > I hope this is not too technical:
> > > > All BSDs (except for this 'Free' o
43:48PM -0600, Paul Seniura wrote:
> > > > > It seems NetBSD and OpenBSD continue to include
> > > > > telnet+telnetd+tn3270 together under one subdir as part of
> > > > > /src/usr.bin -- but FreeBSD moved only the telnet[d] pieces
> > > > >
On Sun, Mar 14, 2004 at 06:01:37AM +0100, Alex de Kruijff wrote:
> On Sun, Mar 14, 2004 at 05:52:04AM +0100, Alex de Kruijff wrote:
> > On Thu, Mar 11, 2004 at 09:34:16PM -0600, Paul Seniura wrote:
> > > I hope this is not too technical:
> > > All BSDs (except for this 'Free' one) presently have t
> > > > It seems NetBSD and OpenBSD continue to include
> > > > telnet+telnetd+tn3270 together under one subdir as part of
> > > > /src/usr.bin -- but FreeBSD moved only the telnet[d] pieces
> > > > to /src/contrib/telnet and eliminated the tn3270 pie
On Thu, Mar 11, 2004 at 09:34:16PM -0600, Paul Seniura wrote:
>
> Hi Alex,
>
> > Dear Paul,
> >
> > On Tue, Mar 09, 2004 at 04:43:48PM -0600, Paul Seniura wrote:
> > > It seems NetBSD and OpenBSD continue to include
> > > telnet+telnetd+tn3270 to
On Thu, Mar 11, 2004 at 09:34:24PM -0600, Paul Seniura wrote:
>
> Hi Kris,
>
>
> > On Tue, Mar 09, 2004 at 04:43:48PM -0600, Paul Seniura wrote:
> >
> > > I'm wondering what historical moves were done to the src that builds
> > > FreeBSD's te
Hi Kris,
> On Tue, Mar 09, 2004 at 04:43:48PM -0600, Paul Seniura wrote:
>
> > I'm wondering what historical moves were done to the src that builds
> > FreeBSD's telnet command and telnetd daemon, because now they do not
> > match other BSDs (AFAICS).
Hi Alex,
> Dear Paul,
>
> On Tue, Mar 09, 2004 at 04:43:48PM -0600, Paul Seniura wrote:
> > It seems NetBSD and OpenBSD continue to include
> > telnet+telnetd+tn3270 together under one subdir as part of
> > /src/usr.bin -- but FreeBSD moved only the telnet[d] pieces
On Tue, Mar 09, 2004 at 04:43:48PM -0600, Paul Seniura wrote:
> I'm wondering what historical moves were done to the src that builds
> FreeBSD's telnet command and telnetd daemon, because now they do not
> match other BSDs (AFAICS). This is the crux of my perplextion.
Read
Dear Paul,
On Tue, Mar 09, 2004 at 04:43:48PM -0600, Paul Seniura wrote:
> It seems NetBSD and OpenBSD continue to include
> telnet+telnetd+tn3270 together under one subdir as part of
> /src/usr.bin -- but FreeBSD moved only the telnet[d] pieces
> to /src/contrib/telnet and eliminate
;) .
I'm wondering what historical moves were done to the src that builds
FreeBSD's telnet command and telnetd daemon, because now they do not
match other BSDs (AFAICS). This is the crux of my perplextion.
It seems NetBSD and OpenBSD continue to include
telnet+telnetd+tn3270 togeth
tts)
Except Microsoft Exchange.
- A.S.R. quote (Art)
--- Begin Message ---
Howdy folks,
When using the MIT krb5 port (up to date as of a CVSup this morning) on
a recent -STABLE box, there are two ways to enable telnetd in
/etc/inetd.conf:
telnet stream tcp nowait root /usr/libexec/teln
s thread and keep feeding the troll, I
recommend browsing this guys site first. Can you say 'paranoia'? How
about 'highly impressionable' or 'overactive imagination' . . .
And yeah, who the hell leaves telnetd open anymore? I plain delete
the damn thing when I no
it.
I'm not above conspiracy theories, but this seems far fetched.
On Tuesday, August 26, 2003, at 12:18 PM, David Landgren wrote:
Joshua Oreman wrote:
On Mon, Aug 25, 2003 at 11:22:12PM -0400 or thereabouts, Kevin
shampoo Nadeau wrote:
Hello [ ... ]
telnetd is infected with a national
Joshua Oreman wrote:
On Mon, Aug 25, 2003 at 11:22:12PM -0400 or thereabouts, Kevin shampoo Nadeau wrote:
Hello [ ... ]
telnetd is infected with a national security backdoor in all
non-source compiled versions of FreeBSD, NetBSD and OpenBSD. If you
download the source code for telnetd and
On Mon, Aug 25, 2003 at 11:22:12PM -0400 or thereabouts, Kevin shampoo Nadeau wrote:
>
> Hello [ ... ]
>
> telnetd is infected with a national security backdoor in all
> non-source compiled versions of FreeBSD, NetBSD and OpenBSD. If you
> download the source code for telnetd
Hello - This is an invitation to start a war against OS developers.
telnetd is infected with a national security backdoor in all non-source compiled
versions of FreeBSD, NetBSD and OpenBSD. If you download the source code for telnetd
and compile it to compare the file size of the "stoc
Just wondering why you are running telnet, and not ssh ?
Jeff.
>> -Original Message-
>> From: [EMAIL PROTECTED]
>> [mailto:[EMAIL PROTECTED] On Behalf Of Fehmi
>> Sent: Thursday, June 19, 2003 11:47 AM
>> To: [EMAIL PROTECTED]
>> Subject: Login probl
Fehmi wrote:
> I enabled Telnetd in inetd.conf by removing the "#"
> from the line
> #telnet stream tcp nowait root
> /usr/libexec/telnetdtelnetd
>
> I tried to loggin,
> i used the root/password in the server machine side
> i put loggin/password but
> a re
> i used the root/password in the server machine side
> i put loggin/password but
> a receive the message [ SRA login failed ]
You are not allowed to log as root using telnet or ssh. Log as normal user
then use "su". And try not to use telnet. Use ssh instead.
Logging in over telnet with root is unsecure...
Log on as yourself, and then su to root...
Peter
At 05:47 PM 6/19/2003 +0200, you wrote:
I enabled Telnetd in inetd.conf by removing the "#"
from the line
#telnet stream tcp nowait root
/usr/libexec/telnetd telnetd
I tried to
I enabled Telnetd in inetd.conf by removing the "#"
from the line
#telnet stream tcp nowait root
/usr/libexec/telnetd telnetd
I tried to loggin,
i used the root/password in the server machine side
i put loggin/password but
a receive the message [ SRA login failed ]
i wonde
On Wed, 4 Jun 2003, Doug Silver wrote:
Oh no I was just wondering about the need for an "internet super-server"
to essentially serve one daemon.
> On Wednesday 04 June 2003 12:19 pm, Dan Mahoney, System Admin wrote:
> > Is there a way to run telnetd in "standalone&q
On Wednesday 04 June 2003 12:19 pm, Dan Mahoney, System Admin wrote:
> Is there a way to run telnetd in "standalone" mode, i.e. without inetd?
> We have a system that we sometimes need to connect to from within a cisco
> router, which can't do ssh (and not from anywhere els
Is there a way to run telnetd in "standalone" mode, i.e. without inetd?
We have a system that we sometimes need to connect to from within a cisco
router, which can't do ssh (and not from anywhere else, we've firewalled
it as such).
-Dan Mahoney
--
"If you aren't g
Original Message -
From: "Rafter Man" <[EMAIL PROTECTED]>
> I'm no it! Thanks :-)
Ups, I'm ON it! *GG*
Best regards
Rafter
--
Get your free email from www.linuxmail.org
Powered by Outblaze
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the b
- Original Message -
From: Wayne Pascoe <[EMAIL PROTECTED]>
> > If I have a server running telnetd and sshd, how can I denie a users
> > telnet access (he must have ssh access also using passwords).
>
> For starters, I would strongly deny telnet access by defau
"Rafter Man" <[EMAIL PROTECTED]> writes:
> Hi Subscribers
>
> If I have a server running telnetd and sshd, how can I denie a users
> telnet access (he must have ssh access also using passwords).
For starters, I would strongly deny telnet access by default. There
- Original Message -
From: "Daniel Bye" <[EMAIL PROTECTED]>
> > > I have a system running telnetd and sshd
> > > Some users may NOT use telnet to login, they have to login via sshd
> > > (using passwords).
> Perhaps you can take advantage of
On Thu, Jul 18, 2002 at 12:09:52AM +0200, Roman Neuhauser wrote:
> > I have a system running telnetd and sshd
> > Some users may NOT use telnet to login, they have to login via sshd
> > (using passwords).
> >
> > How do I do that?
>
> i'm not awar
- Original Message -
From: Roman Neuhauser <[EMAIL PROTECTED]>
> > I am using a webmailer, so it is out of my hands.
>
> hm :/
:-)
> > Let's take it again one more time, from the top:
> > I have a system running telnetd and sshd
> > Some use
> From: "Rafter Man" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Cc: [EMAIL PROTECTED]
> Date: Thu, 18 Jul 2002 06:01:16 +0800
> Subject: Re: Telnetd
>
> - Original Message -
> From: Roman Neuhauser <[EMAIL PROTECTED]>
> >
, from the top:
I have a system running telnetd and sshd
Some users may NOT use telnet to login, they have to login via sshd (using passwords).
How do I do that?
Best regards
Rafter
--
Get your free email from www.linuxmail.org
Powered by Outblaze
To Unsubscribe: send mail to [EMAIL PROTEC
> From: "Rafter Man" <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Date: Thu, 18 Jul 2002 05:47:49 +0800
> Subject: Telnetd
please, wrap your lines at about 72 chars
> Hi Subscribers
>
> If I have a server running telnetd and sshd, how can I denie a us
Hi Subscribers
If I have a server running telnetd and sshd, how can I denie a users telnet access (he
must have ssh access also using passwords).
Best regards
Rafter
--
Get your free email from www.linuxmail.org
Powered by Outblaze
To Unsubscribe: send mail to [EMAIL PROTECTED]
with
80 matches
Mail list logo
