I, and others, have long suggested that it is intelligent to filter
inbound telnets to devices people have no reason to connect to from the
outside world. Why are you allowing telnets to the PM from another
country? You should filter those out, as well as telnets to ANY router,
host, NAS, etc that users do not need access to from the outside. Many
sites will also filter such telnets out on the dial side. First line
of defense- don't let them get there.
>telnetting into a *nix box, even if a root session gets dropped, IT DOES
>NOT SPIT OUT CLEARTEXT PASSWDS TO WHOEVER TELNETS IN!
PMs do it in ONE situation - someone was specifically doing a PPP debug
and did not close the debug properly. This is easy to avoid doing.
-MZ
-- <URL:mailto:megazone@megazone.org> Gweep, Discordian, Author, Engineer, me.. Join ISP/C Internet Service Providers' Consortium <URL:http://www.ispc.org/> "A little nonsense now and then, is relished by the wisest men" 781-788-0130 <URL:http://www.gweep.net/> <URL:http://www.megazone.org/> Hail Discordia!- To unsubscribe, email 'majordomo@livingston.com' with 'unsubscribe portmaster-users' in the body of the message. Searchable list archive: <URL:http://www.livingston.com/Tech/archive/>