From owner-freebsd-security  Wed Jul 25 15:53:46 2001
Delivered-To: freebsd-security@freebsd.org
Received: from fep02-svc.swip.net (fep02.swip.net [130.244.199.130])
	by hub.freebsd.org (Postfix) with ESMTP id 48E3037B407
	for <freebsd-security@FreeBSD.ORG>; Wed, 25 Jul 2001 15:53:40 -0700 (PDT)
	(envelope-from tubbs@home.se)
Received: from tubbs.home.se ([213.100.32.142]) by fep02-svc.swip.net
          with ESMTP
          id <20010725225338.KLZQ9787.fep02-svc.swip.net@tubbs.home.se>;
          Thu, 26 Jul 2001 00:53:38 +0200
Message-Id: <5.0.2.1.2.20010726002921.04d8cec0@students.su.se>
X-Sender: m74mh81f@students.su.se
X-Mailer: QUALCOMM Windows Eudora Version 5.0.2
Date: Thu, 26 Jul 2001 00:58:53 -0700
To: bob <bob@antepenultimate.org>
From: Markus =?iso-8859-1?Q?Hallstr=F6m?= <tubbs@home.se>
Subject: Re: Telnet exploit & 3.4-RELEASE
Cc: FreeBSD Security <freebsd-security@FreeBSD.ORG>
In-Reply-To: <Pine.GSO.4.33.0107251500370.5000-100000@wasabi.sushigoth.c
 om>
References: <5.0.2.1.2.20010725234729.04b4b160@students.su.se>
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"; format=flowed
Content-Transfer-Encoding: quoted-printable
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

At 15:03 2001-07-25 -0700, bob wrote:
>Sorry, I should have mentioned that about a dozen of my friends use this
>machine for mail and such, so i need to provide telnet access for them.
>Many connect from machines where installing an ssh client isn't possible.
>
>--bob
>
>On Wed, 25 Jul 2001, Markus [iso-8859-1] Hallstr=F6m wrote:
>
> > At 14:23 2001-07-25 -0700, bob wrote:
> > >What is the best way for me to secure my 3.4-Release machine from the
> > >recent telnetd exploit?
>...
> >
> > Disable telnet in inetd and start using ssh would be a good workaround
> >
> > /TUBBS
> >
> >
> >
> >
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-security" in the body of the message
> >

get new friends! if that isnt an option i would check out some of the ssh=20
clients you can run on a website


you could check

http://www.appgate.org/products/mindterm/

and

  http://www.employees.org/~satch/ssh/faq/ssh-faq-2.html#ss2.2.2



I have no idea if any of these are any good


you really shouldnt run telnet anyhow.

/TUBBS








To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message