[plug] Incoming Telnet Priority

Steven Vertigan steve at vertigan.wattle.id.au
Fri Nov 23 16:17:27 WST 2001


On Fri, 2001-11-23 at 11:35, William Kenworthy wrote:
> There's actually an extensive list of things that telnet can do that ssh
> seemingly cant starting with machines that have no ssh deamon (and
> cannot have one installed), to checking ports such as mail, to company
> firewalls that only allow telnet gateways that they can monitor (refer
> to the Mandrake list for an extensive list of uses and reasons after the
> recent flames by intollerant ssh evangelists!) 

I hope there's more than what you just mentioned.  What has a machine's
installed packages got to do with the capabilities of the package?  Not
to mention most of the unices I've installed in recent times have had
the ssh daemon set up by default and required manual installation (or
activation) of the telnet server.  And no installing a telnet server
won't check ports of mail or anything else, who told you it would?  The
fact you can access many tcp services with a telnet *client* has nothing
to do with whether you should have a gaping security hole in your
machine or not.
  As for allowing your company or any third party to monitor your
connection yes, it'll do that, but not everyone would consider that a
must-have feature.  If I was stuck behind such a firewall I would rather
try something like tunneling through http or even getting the desired
machine to listen for ssh on a different port.

And while I'm ranting about bad security what is it with people that
wouldn't touch telnet with a 10-foot pole but are happy with pop3
services running?  I have an account with a web hosting company in the
U.S that won't give me shell access but don't offer any other form of
encryption so I'm stuck blasting my plaintext password across the net
every 15 minutes.  I would close the account but I signed up for 12
months or thereabouts.

Steve



More information about the plug mailing list