Mailinglist Archive: opensuse-security (138 mails)

< Previous Next >
Re: [suse-security] Why Install Telnet by Default?
  • From: Hipolito Gonzalez <hgonzale@xxxxxxxxxxxxxxx>
  • Date: Thu, 08 Dec 2005 10:44:58 -0400
  • Message-id: <20051208104458.kfkln4uqskoo4800@xxxxxxxxxxxxxxxxxxx>
Quoting WebDev <webdev@xxxxxxxxxxxxx>:

I am not a security expert by any means, nor necessarily a "purist", when it
comes to installing only the apps I need to run. I do install some apps that
I want to tinker with, even though I may not use them regularly. However, I
understand that we should avoid using telnet because it is "insecure". Yet,
telnet is still installed by default on SUSE, when the secure alternatives
seem to be more appropriate. I assume there is a reason for this.

I ask, because I deselected telnet when I installed SUSE 10.0, and duringa
repair process, my system reported that telnet was a core app. If we should
avoid using it, shouldn't we avoid installing it to begin with?

Thanks in advance for your input.

By default, is installed the telnet CLIENT. you can use it for connect to a
telnet server, smtp by hand, o any purpose, but the telnet server is NOT
installed, you need to isntall it.!

< Previous Next >
Follow Ups