On Tue, Jun 05, 2001 at 09:06:30PM -0500, Simeon Johnston wrote: > johndmiller wrote: > > I log in to my machine from > > work using telnet. > > AAAAAAHHHHHH. NO NO NO NO NO NO. > Say it ain't so. SAY IT AIN'T SO. Allow me to join the chorus of horror... If you think we're overplaying the paranoia about using telnet over a network you don't have 100% control over, get a copy of ngrep and read the man page. Their standard example is `ngrep 'user|pass'`, which will capture and display (or log, if you tack on a simple ` > passwords.log`) every "username" or "password" prompt that passes through the machine (or, if it's hooked up to a hub, any machine on that hub). Another parameter to ngrep will cause it to also grab the next few packets on the connection which carried the prompt, thus also capturing the response. This isn't paranoia. Grabbing passwords off an unencrypted session really is that simple. > > portmap[9271] connect from 202.105.205.141 to dump(): request from > > unauthorized host > > > > portmap[?] connct from 200.221.96.88 to getport(status) request from > > unauthoriezed host > > Probably people scanning IP blocks and looking for telnet daemons. Nah. They're talking to portmap, not telnetd. Those requests are asking about available RPC services, most likely in hopes of finding a vulnerable NIS or NFS installation. > No password involved. Oddly enough it's more secure than passwords. > Much easier than telnet and very secure. Yup. Ain't ssh great? -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL++++$ P++>+++ L+++>++++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI++++ D G e* h r y+