On Tue, Jan 15, 2002 at 05:27:42AM -0800, Jimmy Jam wrote: >I was told on this list that telnet is quite unsafe and provides serious security loopholes (at least on Linux boxes). What if telnet is used behind a firewall? That should be safe right? What if the telnet port (23) is exposed to the outside wall via a firewall? Is that still unsafe? Hiding it behind a firewall _should_ protect you from exterior threats. That is people who should not be inside your LAN. But telnet is BAD because all traffic is passed plaintext. To include username, password, gpg passphrases, ssh-passphrasses (should ou ssh to another machine frmo the remote one), ssl-passphrases (should you be creating a cert, or restarting a ssl enabled service that requires a passphrase...) and leave you open to attack from INSIDE as well. And allowing people to telnet out is bad because people have a nasty habit of using the same passwords in different locations. DO NOT USE TELNET UNLESS IT'S SSL TELNET EVER EVER EVER EVER EVER. TELNET BAD! SSH MARGINALLY BETTER! NO TELNET!!!!! bottom line: using telnet will eventually get you hacked. -- Ben Lutgens Sistina Software Inc. Kernel panic: I have no root and I want to scream