From owner-freebsd-security  Wed Nov 14 19:44:32 2001
Delivered-To: freebsd-security@freebsd.org
Received: from topperwein.dyndns.org (acs-24-154-28-168.zoominternet.net [24.154.28.168])
	by hub.freebsd.org (Postfix) with ESMTP id 2320A37B405
	for <freebsd-security@freebsd.org>; Wed, 14 Nov 2001 19:44:27 -0800 (PST)
Received: from topperwein.dyndns.org (topperwein.dyndns.org [192.168.168.10])
	by topperwein.dyndns.org (8.11.6/8.11.6) with ESMTP id fAF3iMF57866
	for <freebsd-security@freebsd.org>; Wed, 14 Nov 2001 22:44:22 -0500 (EST)
	(envelope-from behanna@zbzoom.net)
Date: Wed, 14 Nov 2001 22:44:17 -0500 (EST)
From: Chris BeHanna <behanna@zbzoom.net>
Reply-To: Chris BeHanna <behanna@zbzoom.net>
To: <freebsd-security@freebsd.org>
Subject: Re: AdoreWorm
In-Reply-To: <5.1.0.14.2.20011114215959.01e4bd90@MailServer>
Message-ID: <20011114224255.C57801-100000@topperwein.dyndns.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

On Wed, 14 Nov 2001, Stefan Probst wrote:

> Hello Chris,
>
> At 09:58 14.11.2001 -0500, you wrote:
> -------------------------
> >There is no reason I can think of to use
> >it [telnetd] on any modern server, because ssh clients are widely and freely
> >available for every platform.
>
> I will give you some reasons:
> 1. Until a few weeks ago, Vietnam was behind a nation-wide firewall, which
> didn't let ssh pass. I had no choice than to do everything via telnetd.

    It is possible to tunnel just about anything through a firewall if
you're determined enough.

> But, just to clarify: On all my machines, root has neither telnet, nor ftp
> access. And I am not on a cable modem (where the whole neighbourhood can
> sniff packets), but dial-up to the ISP, and from there comparable direct
> lines to the server in the US. "Only" provider staff should have access to
> the lines, i.e. be able to sniff.

    How many hops between your ISP and the machine?  Even if the
answer is "1", you are still vulnerable to such things as dsniff.

-- 
Chris BeHanna
Software Engineer                   (Remove "bogus" before responding.)
behanna@bogus.zbzoom.net
I was raised by a pack of wild corn dogs.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message