Date: Mon, 26 Jun 2000 12:25:20 +0200 From: Adrian Chadd <adrian@freebsd.org> To: David O'Brien <obrien@freebsd.org> Cc: arch@freebsd.org Subject: Re: Disabling inetd? Message-ID: <20000626122520.U36017@zoe.bastard.co.uk> In-Reply-To: <20000626031547.J14265@dragon.nuxi.com>; from obrien@freebsd.org on Mon, Jun 26, 2000 at 03:15:48AM -0700 References: <20000626053525.U85886@argon.gryphonsoft.com> <20000626115146.S36017@zoe.bastard.co.uk> <20000626031547.J14265@dragon.nuxi.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jun 26, 2000, David O'Brien wrote: > On Mon, Jun 26, 2000 at 11:51:46AM +0200, Adrian Chadd wrote: > > If I remember right, the telnet port isn't insecure by itself, only > > open telnet connections. So there really isn't anything to be said > > for killing telnet for 'out of the box security' - if people use > > telnet rather than ssh, they're going to enable it anyway. > > I cannot quite parse what you are saying. What does speaking about a > port's security mean? The telnet service open by itself poses no security risk. The telnet service *in use* is a security risk. I've had some feedback from people saying "why not use the internat crypto dist?" .. thats all nice and good if I'm installing a box that has internet connectivity. however, not all boxes have internet connectivity. Yes, I could toast a CDROM with the added internat crypto distribution and packages to make things work for us non-US people, but its a pain in the ass and sometimes I just want to get the machines -going- and then do remote work later. As to the people saying "You can just enable it after boot!" .. well, you could disable sshd and enable it after boot ... :-) I could validly argue that enabling remote access of any kind by default when non-security- conscious people are installing FreeBSD is a security risk. But then I'd be getting pedantic. :) Adrian -- Adrian Chadd Build a man a fire, and he's warm for the <adrian@FreeBSD.org> rest of the evening. Set a man on fire and he's warm for the rest of his life. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000626122520.U36017>