On Sun, 11 Mar 2007, Dave Carlson wrote:

>>> "Due to overwhelming demand we are in the process of placing new 
>>> orders with our suppliers. Your order will be filled ASAP."
>
> Maybe they didn't want to ship with the in.telnetd vulnerability once 
> they found out about it:
>
> http://sunsolve.sun.com/search/document.do?assetkey=1-26-102802-1

Thanks for sharing that.  I shut down telnet altogether about 8 years ago 
and before that I was using tcp-wrappers to block access from most IPs. 
It's just too insecure of a protocol even without a "vulnerability" in it.

I also do not allow root logins.  Some people think I'm totally crazy to 
be so restrictive, but I think typing "su" and a password is a very small 
price to pay for the added security -- if someone finds a vulnerability in 
my SSH daemon, I will have that extra layer of protection between when the 
script kiddies find out about it and when I find out about it, and I want 
that.

Mike