At 02:48 AM 1/14/00 Jeff Rubin wrote:
It was common 5 years ago, today, most ISPs offer no Telnet access. Which does suck as you can imagine. But, for security reasons, it seems the trend is to offer no Telnet.
Telnet became unfeasible when people started misusing the Internet. Even if you or your user are nice, friendly and honest, and never misuse their account, someone who is not-nice, unfriendly, and dishonest can easily sniff the password, get in, and create havoc. I repeat my offer: Give me a telnet account on your RaQ2, give me 5 minutes, and tell me which file (owned by root and with permissions "-rwx------" you want me to delete. I'll be happy to do it for you. Qubes take a few minutes longer; I'm not as familiar with their security holes <smile>.
Read the ISP-oriented lists, you'll read about people who spend hundreds of hours repairing damage caused by people who get into their boxes in spite of all security precautions. Do you have that kind of time? Do you have all the backups you'll need (after a system has been hacked you really MUST delete everything, wipe the drives and start over; otherwise you may miss a trojan left behind by the hacker so he can get back in). Can you afford to lose the customers?
I say no to the above. Jeff -- Jeff Lasman, nobaloney.net <jblists@xxxxxxxxxxxxx> <www.nobaloney.net>, <www.mailtraqna.com>, <www.email-lists.com>