On Fri, 24 Sep 2004, s. keeling wrote: > > I noticed the message below on BUGTRAQ last weekend, reporting a remote > > root compromise in telnetd. I haven't seen any discussion of this on the > > list archives, nor a new DSA. Am I missing something? > > Is anyone still using telnet when there's ssh? Why? I wouldn't even > use it inside my own firewalled LAN. ssh is just better.
Agreed - but some of my customers, even after I've pointed out the risks, just don't want to go through the trouble of changing from their preferred Telnet programs. Given that a remote root is supposedly possible, I think this should be looked at, no matter how rare the package's usage may be. -- James Renken, System Administrator [EMAIL PROTECTED] Sandwich.Net Internet Services http://www.sandwich.net/ 1-877-HUBWICH -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]