From owner-freebsd-arch Mon Jun 26 3:45:12 2000 Delivered-To: freebsd-arch@freebsd.org Received: from mout1.silyn-tek.de (mout1.silyn-tek.de [194.25.165.69]) by hub.freebsd.org (Postfix) with ESMTP id 4DE9D37B61D; Mon, 26 Jun 2000 03:45:06 -0700 (PDT) (envelope-from alex@big.endian.de) Received: from [192.168.32.34] (helo=mx2.silyn-tek.de) by mout1.silyn-tek.de with esmtp (Exim 3.13 #1) id 136WBo-0003Tf-00; Mon, 26 Jun 2000 12:32:28 +0200 Received: from p3e9d38d6.dip0.t-ipconnect.de ([62.157.56.214] helo=neutron.cichlids.com) by mx2.silyn-tek.de with esmtp (Exim 3.13 #1) id 136WBm-0002qa-00; Mon, 26 Jun 2000 12:32:27 +0200 Received: from cichlids.cichlids.com (cichlids.cichlids.com [192.168.0.10]) by neutron.cichlids.com (Postfix) with ESMTP id D0666AC27; Mon, 26 Jun 2000 12:32:29 +0200 (CEST) Received: by cichlids.cichlids.com (Postfix, from userid 1001) id 1976D14AB2; Mon, 26 Jun 2000 12:32:30 +0200 (CEST) Date: Mon, 26 Jun 2000 12:32:30 +0200 From: Alexander Langer To: David O'Brien Cc: Adrian Chadd , arch@FreeBSD.ORG Subject: Re: Disabling inetd? Message-ID: <20000626123230.C7800@cichlids.cichlids.com> References: <20000626053525.U85886@argon.gryphonsoft.com> <20000626115146.S36017@zoe.bastard.co.uk> <20000626031547.J14265@dragon.nuxi.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0.1i In-Reply-To: <20000626031547.J14265@dragon.nuxi.com>; from obrien@FreeBSD.ORG on Mon, Jun 26, 2000 at 03:15:48AM -0700 X-PGP-Fingerprint: 44 28 CA 4C 46 5B D3 A8 A8 E3 BA F3 4E 60 7D 7F X-PGP-at: finger alex@big.endian.de X-Verwirrung: Dieser Header dient der allgemeinen Verwirrung. Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Thus spake David O'Brien (obrien@FreeBSD.ORG): > > If I remember right, the telnet port isn't insecure by itself, only > > open telnet connections. So there really isn't anything to be said > > for killing telnet for 'out of the box security' - if people use > > telnet rather than ssh, they're going to enable it anyway. > I cannot quite parse what you are saying. What does speaking about a > port's security mean? I think he means, that not inetd/telnet itself is the problem, e.g. because of a buffer overflow, but the unencrypted transfer of the passwords through the open connection is. Alex -- cat: /home/alex/.sig: No such file or directory To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message