From owner-freebsd-questions  Sat May 26  0:25:40 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from smtp014.mail.yahoo.com (smtp014.mail.yahoo.com [216.136.173.58])
	by hub.freebsd.org (Postfix) with SMTP id CF00D37B422
	for <questions@freebsd.org>; Sat, 26 May 2001 00:25:38 -0700 (PDT)
	(envelope-from sky_tracker@yahoo.com)
Received: from hse-toronto-ppp3488902.sympatico.ca (HELO d.tracker) (65.92.113.215)
  by smtp.mail.vip.sc5.yahoo.com with SMTP; 26 May 2001 07:25:38 -0000
X-Apparently-From: <sky?tracker@yahoo.com>
Received: (from david@localhost)
	by d.tracker (8.11.3/8.11.3) id f4Q3OrH00551
	for questions@freebsd.org; Sat, 26 May 2001 03:24:53 GMT
	(envelope-from david)
Date: Sat, 26 May 2001 03:24:53 GMT
From: David Banning <sky_tracker@yahoo.com>
Message-Id: <200105260324.f4Q3OrH00551@d.tracker>
To: questions@freebsd.org
Subject: security question
Reply-To: david@banning.com
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

I am setting up a small network of Windows desktops that are
accessing the net through a FreeBSD server. If I disable telnet, ftp,
and everything in inetd.conf leaving only http open, what are my
risks?

I have webadmin running.
I'd would *like* telnet and shell (rshd) to run, so I can telnet
in. I can't imagine how someone could break in to a system, so
I am pretty lost in assessing this risk. 

I know SSH is better for telneting in to the server, but then
it has to be on every machine that you telnet in from. 

When I hear "don't use telnet unless you have to", I
wonder. I know several sites that have telnet where I can login,
and those places are alot bigger that my little'ol place.

If I use telnet, is there really such a risk?

I'm going all over the place here. Maybe someone could reccomend a good
place to learn about this topic?
I started with the FreeBSD Security How-to which is a good starter.


_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message