Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [suse-security] Why Install Telnet by Default?
From: Marcus Meissner (meissnersuse.de)
Date: Thu Dec 08 2005 - 01:23:28 CST
On Thu, Dec 08, 2005 at 01:18:34AM -0500, WebDev wrote:
> I am not a security expert by any means, nor necessarily a "purist", when it
> comes to installing only the apps I need to run. I do install some apps that
> I want to tinker with, even though I may not use them regularly. However, I
> understand that we should avoid using telnet because it is "insecure". Yet,
> telnet is still installed by default on SUSE, when the secure alternatives
> seem to be more appropriate. I assume there is a reason for this.
> I ask, because I deselected telnet when I installed SUSE 10.0, and duringa
> repair process, my system reported that telnet was a core app. If we should
> avoid using it, shouldn't we avoid installing it to begin with?
The telnet protocol is unsafe, telnet the program is just another program
and can be used "safe" locally or for non-login purposes.
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here