Mailinglist Archive: opensuse-security (138 mails)

< Previous Next >
Re: [suse-security] Why Install Telnet by Default?
  • From: Dana Hudes <dhudes@xxxxxxxxxxx>
  • Date: Thu, 8 Dec 2005 09:06:17 -0500 (EST)
  • Message-id: <Pine.LNX.4.58.0512080904380.2498@xxxxxxxxxxxxxxxxxxxx>
telnetd is what you don't want running. Telnet is very useful tool for
debugging internet application protocols. think beyond a remote shell.
You can telnet to port 25 to see whats up with a mail server, 80 for a web
server etc.
the telnet client is very important and useful tool.



On Thu, 8 Dec 2005, WebDev wrote:

> I am not a security expert by any means, nor necessarily a "purist", when it
> comes to installing only the apps I need to run. I do install some apps that
> I want to tinker with, even though I may not use them regularly. However, I
> understand that we should avoid using telnet because it is "insecure". Yet,
> telnet is still installed by default on SUSE, when the secure alternatives
> seem to be more appropriate. I assume there is a reason for this.
>
> I ask, because I deselected telnet when I installed SUSE 10.0, and duringa
> repair process, my system reported that telnet was a core app. If we should
> avoid using it, shouldn't we avoid installing it to begin with?
>
> Thanks in advance for your input.
> Don
> --
> Web Developer
> Oakdale Christian Fellowship
> http://matheteuo.org/
>
> --
> Check the headers for your unsubscription address
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here
>
>

< Previous Next >
References