Date: Thu, 14 Mar 2002 11:09:36 -0800 (PST) From: krzysztof Strzelczyk <cs052279@yahoo.com> To: "N. J. Cash" <ncash@pei.eastlink.ca> Cc: FreeBSD Security <freebsd-security@freebsd.org> Subject: Re: telnet / ipfw question Message-ID: <20020314190936.3548.qmail@web14807.mail.yahoo.com> In-Reply-To: <3C90E4F9.A4CA41CA@centtech.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Why not use ssh? Of course you will want 3.1 to avoid the fiasco last week. -Chris --- Eric Anderson <anderson@centtech.com> wrote: > Why do you need telnet so badly? The rules are > fine, but those won't matter > when someone sniffs your plain text password and > source ip, then spoofs it and > logs in as you. > > Eric > > > "N. J. Cash" wrote: > > > > I have telnet enabled on my system running > 4.5-stable and have it hidden > > behind very strick ipfw rules so that the only IP > that has access to the box > > on port 23 is my home static IP, everything else > is denied by the firewall. > > I'm well aware of the risks of having telnet open > and how insecure it can be > > so, i'm just looking for some input here if this > sounds like a safe way to > > have the daemon running on a system. Would there > still be security risks > > involved > > that i'm not aware about running it this way? > > > > Here's basically what's going on in ipfw for port > 23. > > > > ipfw add 1400 allow log tcp from x.x.myip.x.x to > any 23 > > ipfw add 09000 deny log ip from any to any > > > > Look safe ? > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of > the message > > -- > ------------------------------------------------------------------ > Eric Anderson Systems Administrator Centaur > Technology > If at first you don't succeed, sky diving is > probably not for you. > ------------------------------------------------------------------ > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of > the message __________________________________________________ Do You Yahoo!? Yahoo! Sports - live college hoops coverage http://sports.yahoo.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020314190936.3548.qmail>