At 05:27 AM 1/15/02 -0800, you wrote: >I was told on this list that telnet is quite unsafe and provides serious >security loopholes (at least on Linux boxes). What if telnet is used >behind a firewall? That should be safe right? What if the telnet port >(23) is exposed to the outside wall via a firewall? Is that still unsafe? Telnet is not so much 'unsafe' as it is a totally unsecured service. the Telnetd itself doesn't pose any issues that I know of, but it's service might.. Telnet sends all communication in plaintext, so when you telnet to a remote box, someone snooping in the middle can read anything.. passwords, mail, data etc. Even if you log in as a normal user, then 'su' to root, the root password is sent in plaintext. You can see the issues; telnet was never intended to be secure. It's even bad practice to use telnet on your local network.. assume an intruder has managed to gain access to one of your boxes. Now, they can sniff away as you send passwords & data about in plaintext. You will make their job (of gaining access on more of your machines) much easier. This is why we have SSH.. it's free, more functional and quite secure. Telnet is antiquated, and it is simply bad practice. Don't use it unless the network is totally isolated from the Internet. Even then, SSH is still free :) -Bill