[Ma-linux] Two Sun Announcements
truegsegger at csc.com
Tue Feb 13 13:53:39 EST 2007
Mike pointed out:
> You are aware that ssh has had more vulnerabilities than telnet in
> the last few years, right?
No, I wasn't, but it doesn't surprise me that a newer protocol, in
active use, will have more folks banging on it.
Telnet is inherently insecure, so no one would be looking for the
kinds of vulnerabilities they look for with ssh. Naturally, if the
daemon gives you privileges beyond what your account (or, in the case
of telnet, the account whose credentials you sniffed) should get,
that's a whole 'nother problem, regardless what protocol you're using.
But please satisfy my curiosity: why would you use telnet today? Why
even enable it? (Using a telnet client just to check a port doesn't
More information about the Ma-linux