On Oct 20, Don Parris
I've just read an article about using ssh/telnet. The article suggested setting a Linux box in front of a mainframe, thus allowing users to telnet to the mainframe _after_ securely connecting to the Linux box via ssh. That's the way one should go (IMHO).
The Linux Security Admin Guide also suggests not installing (or deleting) services you know you won't be using to prevent attackers from using them to access your system. So, other than using a Linux box as a front door for a mainframe telnet session, is there any valid reason to even install telnet, rlogin, etc.? If you mean the telnet server: Clearly NO. The telnet client is still valueable, though. You can use it for many purposes (read your POP3 mail, HTTP requests, send mail via SMTP, ...), not only telnet (port 23).
Based on the SAG, I could eliminate telnet, etc., as I cannot think of any reason to use those services in my LAN (which has no mainframe). SUSE installs these services by default (at least as of 8.0), so I'm thinking about removing them, unless someone can offer good reasons to retain them. My LAN consists of 6 SUSE 8.0 boxes and currently has no connection to the outside world (though that may come at a later date). I want to be sure I thoroughly understand security issues and that I am implementing the best practices for my LAN _before_ I think about connecting it to the outside world. Thanks in advance for your input. SuSE 8.0 will become unsupported in a few weeks/months, so you should not use 8.0 in an insecure environment. I also don't think that a telnet server is enabled by default on 8.0, but I may be wrong. Otherwise, your thoughts are correct and you seem to make everything right.
Markus -- __________________ /"\ Markus Gaugusch \ / ASCII Ribbon Campaign markus(at)gaugusch.at X Against HTML Mail / \