[techtalk] login restriction

Aaron Malone aaron at mancala.semo.net
Fri Jul 7 15:56:50 EST 2000


On Fri, Jul 07, 2000 at 01:54:41PM -0400, Susannah D. Rosenberg wrote:
> yeah, but it still leaves rlogind and telnetd flapping in the wind. can
> you say "telnet to port 25", boys and girls?
> 
> gaping security flaws are /bad/.

This has been discussed a bit already, but I think there's some deep
misunderstanding going on.  You can delete telnetd and rlogind, and
still be able to telnet to port 25.  Using a telnet client to connect
to port 25 -- it has nothing to do with a telnet server (unless your
system is configured very strangely). You're connecting to sendmail,
exim, qmail-smtpd, or some other SMTP server.  telnetd isn't relevant
in this case.

Now, telnetd should certainly be disabled, but if you don't want
certain people logging in at all, do the shell trick as well.  It
works fine for ssh as well.

-- 
Aaron Malone (aaron at semo.net)
System Administrator                 I can bend minds with my spoon.
Poplar Bluff Internet, Inc.
http://www.semo.net 





More information about the Techtalk mailing list