Another good reason for telnet

[Dustin Decker]

On Fri, 11 Jan 2002, John Heryer wrote:

> Client to server ssh usage is primarly *nix thing. The day Microsoft
> developes a certified, encrypted, remote session it will be from one
> windows machine to another. Primarily used as the trasportation of
> choice for the new generation of virii. I can't forsee the guys
> working on openssh supporting the new microsoft encryption scheme
> (if it ever were to exist).
Already been done - they call it Terminal Server (or if you speak XP,
it's the "Remote Desktop Protocol").  I have to hand it to 'em -
although they have given away control of the desktop (terminal for the
sake of this post) they don't allow extensive use of file transfers.
(There is some silly thing you can do with the clipboard, but large
files need something else.)

Fortunately, they've not automated this process yet, so it's not quite
ready for the spreading of virii.  I think John is on to something
however.... goodness knows it will head that way soon enough.  If you
kill TCP port 3389, you'll kill remote desktop protocol.

> 'Responsible' telnet usage goes hand in hand with 'responsible'
> packet sniffer usage. The only thing a firewall will do for you is
> prevent telnet usage and that my friend ... is a goodthang(tm)
Telnet is one of those things that I have no problem with on a LAN
behind a firewall, etc.  But throwing that stuff across the big scary
Internet is similar to playing Russian roullette... eventually the
hammer will fall where you prefer it didn't.

> > Good Lord, we have to trust someone, somewhere.
Trust is earned, not freely given.  The premise that all are trustworthy
until proven otherwise can get you killed these days :)

Dustin

-- 
"I never forget a face, but in your case I'll make an exception."
-- Grouch Marx