[techtalk] login restriction
Aaron Malone
aaron at mancala.semo.net
Fri Jul 7 15:56:50 EST 2000
On Fri, Jul 07, 2000 at 01:54:41PM -0400, Susannah D. Rosenberg wrote:
> yeah, but it still leaves rlogind and telnetd flapping in the wind. can
> you say "telnet to port 25", boys and girls?
>
> gaping security flaws are /bad/.
This has been discussed a bit already, but I think there's some deep
misunderstanding going on. You can delete telnetd and rlogind, and
still be able to telnet to port 25. Using a telnet client to connect
to port 25 -- it has nothing to do with a telnet server (unless your
system is configured very strangely). You're connecting to sendmail,
exim, qmail-smtpd, or some other SMTP server. telnetd isn't relevant
in this case.
Now, telnetd should certainly be disabled, but if you don't want
certain people logging in at all, do the shell trick as well. It
works fine for ssh as well.
--
Aaron Malone (aaron at semo.net)
System Administrator I can bend minds with my spoon.
Poplar Bluff Internet, Inc.
http://www.semo.net
More information about the Techtalk
mailing list