RE: [cobalt-users] Telnet - Access Denied Message
- Subject: RE: [cobalt-users] Telnet - Access Denied Message
- From: "Colin J. Raven" <cjraven@xxxxxxxxxxx>
- Date: Fri Jan 19 12:42:02 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
>> <snippo>
>> >You could also modify /etc/inetd.conf so that whenever someone "telnets"
>> >port 23 they automatically get /bin/badsh but I don't recommend it for
>> >security reasons.
>>
>> Zeffie, would you please comment on the reasons that such actions
>> represent a security risk?
>
>Well it causes problems with the big plan... At least questions in my mind
>that I have not determined the answers to. Normally it is good to turn off
>telnet which I believe Cobalt accomplishes by overwriting the file at
>/etc/inetd.conf and at this time I'm not positive you could change from
>telnet off to telnet on... which we need when ssh takes a dump on us.
>
>As far as a security problem I see it this way. If the port is shut off a
>person would get nothing at all. And by placing bad shell there you are
>giving them
>1. A connection to work with
>2. A Program that previously only verified users on the system got.
>3. The opportunity to think about what they have as opposed to nothing.
>
>Now if we did work to adjust the inetd.conf files I would prefer not to give
>them a message but instead adjust the server's routing to "reject" them. But
>this is dangerous too. You could reject yourself from your own box...
>(Nothing new)
>
>> I could see changing the "Cobalt Server" part, after all, why announce
>> what could be the "keys to the castle" for Johnny Hacker.
>
>Why say anything to Johnny? If he finds nothing he thinks it's nothing.
>I think it's called "security by obscurity"
Zeffie;
Thank you for a most informative, clear and unambiguous explanation.
Agreed and understood. Lesson well taught, lesson equally well learned!
Regards,
-Colin
--
Colin J. Raven
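
The three inetd.conf states compared in this thread (telnet commented out, telnet running the real daemon, telnet pointed at /bin/badsh) can be told apart mechanically. The following is an added example, not part of any poster's message: `telnet_state` and `sample_conf` are hypothetical names, the sample lines are constructed, and the standard inetd.conf field layout with TCP wrappers is assumed.

```shell
#!/bin/sh
# Classify how telnet is exposed in an inetd.conf-style file.
# Field layout: service socket proto wait user server_path argv0 [args...]
#   disabled          no active telnet line: port 23 is closed, caller gets nothing
#   daemon            active line running the telnet daemon (login prompt)
#   substitute:<path> active line handing some other program to any caller
telnet_state() {
    awk '
        $1 ~ /^#/ || NF < 6 { next }     # skip comments and incomplete lines
        $1 == "telnet" {
            prog = $6
            n = split(prog, p, "/")
            # Under TCP wrappers the real server is the first argument.
            if (p[n] == "tcpd" && NF >= 7) { prog = $7; n = split(prog, p, "/") }
            if (p[n] == "in.telnetd" || p[n] == "telnetd") state = "daemon"
            else state = "substitute:" prog
            found = 1
            exit                          # first active telnet line decides
        }
        END { print (found ? state : "disabled") }
    ' "$1"
}

# Constructed sample files (not taken from a real Cobalt system).
sample_conf() {
    case "$1" in
        off)   echo '#telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd' ;;
        on)    echo 'telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd' ;;
        badsh) echo 'telnet stream tcp nowait nobody /bin/badsh badsh' ;;
    esac
    echo 'ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a'
}

# Demo: report the state for each constructed variant.
for mode in off on badsh; do
    f=$(mktemp) && sample_conf "$mode" > "$f"
    printf '%-6s -> %s\n' "$mode" "$(telnet_state "$f")"
    rm -f "$f"
done
```

Only the `disabled` result corresponds to the "nothing at all" case described in the quoted reply; both other results mean inetd accepts the connection on port 23.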