[rescue] Solaris 10 Remote-Root Exploit
Peter Corlett
abuse at cabal.org.uk
Wed Feb 14 10:21:58 CST 2007
On Wed, Feb 14, 2007 at 11:08:31AM -0500, Patrick Giagnocavo wrote:
[...]
> IMHO only an idiot would leave telnet on unless there was an absolute
> requirement.
A mooli.org.uk user is using a machine which has not had ssh ported to it,
and the port would not be trivial since it's not terribly POSIX. For that
reason alone, telnet and FTP are open to the world. Closing those ports cuts
him off, and also one of my sources of crufty old hardware to play with :)
But this possibly counts as an "absolute requirement".
More information about the rescue
mailing list