Date:Fri, 14 Dec 2018 21:28:34 -0800
From:John Nemeth
Message-ID: <201812150528.wbf5syhr025...@server.cornerstoneservice.ca>
| As kre noted, it is probably the oldest network application
| around. According to Wikipedia, the protocol was developed in
| 1969, pr
On Dec 14, 4:22pm, co...@sdf.org wrote:
}
} You know I'm writing this as telnet on netbsd is vulnerable to remote
} exploits, and everyone that can MITM you can do that to you whenever you
} 'telnet to see if ports are open'?
Name the remote exploit! And, don't tell me about MITM.
}-- End
On Dec 14, 1:21pm, Taylor R Campbell wrote:
} > Date: Fri, 14 Dec 2018 09:46:08 +0100
} > From: Edgar Fuß
} >
} > > Y'all seem to think it's totally reasonable to telnet in the open internet
} > What's the problem with "telnet www.uni-bonn.de http"?
}
} If the telnet client is remotely exploita
On Fri, Dec 14, 2018 at 04:53:06PM +, Taylor R Campbell wrote:
> There is an exploit being privately circulated, which is what prompted
> this discussion in the first place, and an advisory is presumably
> forthcoming.
Two local 'exploits', one that had been fixed more than 13 years ago
(with
> Date: Fri, 14 Dec 2018 16:34:47 - (UTC)
> From: mlel...@serpens.de (Michael van Elst)
>
> co...@sdf.org writes:
>
> >You know I'm writing this as telnet on netbsd is vulnerable to remote
> >exploits, and everyone that can MITM you can do that to you whenever you
> >'telnet to see if ports a
co...@sdf.org writes:
>You know I'm writing this as telnet on netbsd is vulnerable to remote
>exploits, and everyone that can MITM you can do that to you whenever you
>'telnet to see if ports are open'?
Obviously wrong.
--
--
Michael van Elst
Internet: mlel...@s
Greg Troxel wrote in :
|Robert Elz writes:
|
|> It does no harm as it is, if you don't use the client, all it does is
|> occupy a couple of hundred blocks (nothing), the server is not
|> enabled by default, and it is even smaller.
|
|I agree. I use it often, to see if TCP ports are open an
You know I'm writing this as telnet on netbsd is vulnerable to remote
exploits, and everyone that can MITM you can do that to you whenever you
'telnet to see if ports are open'?
On 12/14/18 2:21 PM, Taylor R Campbell wrote:
We should at least have warnings on it until someone takes up
maintenance not to use it on the open internet.
This comes around to me similar to having a notice in the cup of coffee
just bought "Caution: content may be hot", or instructions for
campbell+netbsd-tech-userle...@mumble.net (Taylor R Campbell) writes:
>If the telnet client is remotely exploitable
Is it?
--
--
Michael van Elst
Internet: mlel...@serpens.de
"A potential Snark may lurk in every tree."
> Date: Fri, 14 Dec 2018 09:46:08 +0100
> From: Edgar Fuß
>
> > Y'all seem to think it's totally reasonable to telnet in the open internet
> What's the problem with "telnet www.uni-bonn.de http"?
If the telnet client is remotely exploitable then that exposes you to
exploitation by www.uni-bonn.d
Robert Elz writes:
> It does no harm as it is, if you don't use the client, all it does is
> occupy a couple of hundred blocks (nothing), the server is not
> enabled by default, and it is even smaller.
I agree. I use it often, to see if TCP ports are open and hand-type
smtp or http.
Another
> Date: Fri, 14 Dec 2018 09:41:20 +0100
> From: Edgar Fuß
>
> > send hate mail my way.
> I guess you are over-looking my (and probably a lot of other network
> administrator's) primary use case for /usr/bin/telnet: connect to a
> HTTP/SMTP/IMAP/whatever port and speak the protocol.
That's what
On Dec 14, 4:56am, co...@sdf.org wrote:
}
} The maintenance burden is as follows:
}
} - Y'all seem to think it's totally reasonable to telnet in the open
} internet
Nobody thinks it should be used in the open internet in any
situation where security is required, at least not without using
On Fri, 14 Dec 2018, Edgar Fu? wrote:
send hate mail my way.
I guess you are over-looking my (and probably a lot of other network
administrator's) primary use case for /usr/bin/telnet: connect to a
HTTP/SMTP/IMAP/whatever port and speak the protocol.
Yep, there's still a lot of network gear o
> only current use for the (posix "is undefined") relative path in $ENV is
> if the intent is to run the script relative to whatever directory the
> shell happens to start in. I doubt that is often intended.
I would guess the most probable intent is to run it from $HOME (and wonder
why it some
> Y'all seem to think it's totally reasonable to telnet in the open internet
What's the problem with "telnet www.uni-bonn.de http"?
> send hate mail my way.
I guess you are over-looking my (and probably a lot of other network
administrator's) primary use case for /usr/bin/telnet: connect to a
HTTP/SMTP/IMAP/whatever port and speak the protocol.
18 matches
Mail list logo
