Vendor comments on plan to remove telnet, ftp and eventually appl/bsd
jaltman at columbia.edu
Mon Jul 22 20:42:01 EDT 2002
> I think there's been... one? None? klogind advisories over the same
> period of time that has seen at least five serious remotely-exploitable
> sshd holes.
> Whether that's because fewer people care or because the program is
> simpler, I have no idea, and frankly don't particularly care. It
> translates into fewer exploits.
> And I'm sorry that you've had so many problems setting up klogind, but it
> works fairly reliably for us across six different brands of Unix. *shrug*
The same could be said of telnet. Its simpler and has less
functionality. Therefore, it should be easier to secure.
Jeffrey Altman * Sr.Software Designer Kermit 95 2.0 GUI available now!!!
The Kermit Project @ Columbia University SSH, Secure Telnet, Secure FTP, HTTP
http://www.kermit-project.org/ Secured with MIT Kerberos, SRP, and
kermit-support at columbia.edu OpenSSL.
More information about the krbdev