I am not sure why people complain about telnet-security when many of these same people have no qualms whatsoever using FTP on the same account -- equally plain text and over the general internet. Yes, you can SSL encapsulate your FTP transactions, and rdist can use ssh as its transport method, but how many people are really doing that? You can also kerberize POP, or ssh pop too, but again, most customers don't have the sophistication to do use all three religiously. Security is not a once-in-a-while thing. If you allow FTP or POP access to the same accounts you deny telnet to, the same alleged sniffers will have just as easy a time grabbing anything they'd like off the wire. Deepak Jain AiNET -----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Steven J. Sobol Sent: Saturday, July 28, 2001 6:24 PM To: Mitch Halmu Cc: Roeland Meyer; 'k claffy'; nanog@nanog.org; caida@caida.org Subject: RE: 'we should all be uncomfortable with the extent to which luck ..' On Wed, 25 Jul 2001, Mitch Halmu wrote:
Those (few) providers offering shell accounts still do.
Not the smart ones. I do shell, and I may have an in.telnetd lying around somewhere, but it sure as hell isn't turned on. The line wasn't just commented out of my inetd.conf, it was deleted. Amazingly, the people I provide the service to are using SSH with no problem at all. -- JustThe.net LLC - Steve "Web Dude" Sobol, CTO - sjsobol@JustThe.net Donate a portion of your monthly ISP bill to your favorite charity or non-profit organization! E-mail me for details.