From owner-freebsd-security  Mon May  6 23:25:38 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mail.npubs.com (npubs.com [207.111.208.224])
	by hub.freebsd.org (Postfix) with ESMTP id E638C37B401
	for <security@FreeBSD.ORG>; Mon,  6 May 2002 23:25:34 -0700 (PDT)
Received: 8.12.2-(Neptune)
Received: 8.12.2-(Venus)
Received: 8.12.2-(Neptune)
From: "Nielsen" <nielsen@memberwebs.com>
To: <dowen@pstis.com>, <security@FreeBSD.ORG>
References: <135YGUD5H2YCVJ3JLY3L2CMBQCXYNOQCEADYX2T5@ziplip.com> <200205061347.54915.dowen@pstis.com>
Subject: Re: Telnet Exploit
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Message-Id: <20020507062534.E638C37B401@hub.freebsd.org>
Date: Mon,  6 May 2002 23:25:34 -0700 (PDT)
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

At our site we've implemented a policy of separating "secure" and "insecure"
logins. We do this via a PAM module. We use SSH for shell logins
exclusively. Using this PAM module we mandate that the same password/login
can't be used with insecure (SMTP, FTP etc..) protocols.

> So if we are going to do away with telnetd, we should scrap FTP and SMTP
> then.. as they are garbage protocols.

Nate



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message