Dieter Kirchner wrote:
Hi,
front door for a mainframe telnet session, is there any valid reason to even install telnet, rlogin, etc.?
Yes, if you need to update ssh remotely. sshd has had a lot of security problems in the last years; if you have to update it remotely you will enable telnetd for a short period to restart sshd after an update - if the update fails you will be locked out of a remote system :-)
Anyway, you should consider using PAM features to secure the login (via sshd and telnet): disable remote root login, then limit the su command to a few selected users with the PAM listfile module. Nearly all script kiddies will fail to use a rootkit, even if they get it installed, as they are not able to add a user to the arbitrary listfile. That saved my servers once...
You should upgrade to the latest SuSE Version anyway, obsolete products become really difficult after a short time (as you have to upgrade everything from sources manually).
Good luck,
Dieter
Even though the OS is fairly old, I've only recently set up the LAN. I've already ordered SUSE PRO 9.2, and will certainly be better off at that point. I am fairly new to the security admin side of things, and so want to learn prior to the upgrade. I've been reading the SAG (which is quite dated now) & the Linux Security HOWTO (an updated SAG, maybe? It's by the same author/contains similar info) to learn about this issue. When I update, I'll do a clean install on these boxes. Y'all have given me something to think about for now. Thanks.

Don
--
DC Parris
http://matheteuo.org/ http://chaddb.sourceforge.net/
"Free software is like God's love - you can share it with anyone anytime anywhere."
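An added example, not part of either post: a small audit of the two settings Dieter recommends, checking that the su PAM stack enforces a pam_listfile allow list and that sshd refuses root logins. The sample file contents are constructed, the list path /etc/su.allow is hypothetical, and item=ruser assumes the local su sets PAM_RUSER to the invoking user.

```python
import re

# Constructed sample inputs (not taken from any real host).
SAMPLE_PAM_SU = """\
# /etc/pam.d/su (constructed; /etc/su.allow is a hypothetical path)
auth  sufficient  pam_rootok.so
auth  required    pam_listfile.so item=ruser sense=allow file=/etc/su.allow onerr=fail
auth  required    pam_unix.so
"""
SAMPLE_SSHD = """\
# sshd_config (constructed)
Port 22
permitrootlogin no
PermitRootLogin yes
"""

# type, control (plain word or [bracketed] form), module, remaining arguments
PAM_LINE = re.compile(r"^-?(\w+)\s+(\[[^\]]*\]|\S+)\s+(\S+)\s*(.*)$")

def su_listfile_rules(pam_text):
    """Return options of pam_listfile auth lines that enforce an allow list."""
    rules = []
    for raw in pam_text.splitlines():
        m = PAM_LINE.match(raw.split("#", 1)[0].strip())
        if not m:
            continue
        ptype, control, module, args = m.groups()
        if ptype != "auth" or not module.endswith("pam_listfile.so"):
            continue
        opts = dict(a.split("=", 1) for a in args.split() if "=" in a)
        # Enforcing: failure is fatal, the file is an allow list, and a missing
        # or unreadable file denies access instead of letting everyone through.
        if (control in ("required", "requisite") and opts.get("sense") == "allow"
                and opts.get("onerr") == "fail" and "file" in opts):
            rules.append(opts)
    return rules

def permit_root_login(sshd_text):
    """Return the global PermitRootLogin value, or None if it is not set."""
    for raw in sshd_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[ \t=]+", line, maxsplit=1)
        if parts[0].lower() == "match":      # only the global section is audited
            break
        if parts[0].lower() == "permitrootlogin" and len(parts) == 2:
            return parts[1].strip().lower()  # sshd uses the first value it reads
    return None
```

An unset PermitRootLogin returns None because the built-in default differs between OpenSSH versions, so it should be set explicitly.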