Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: ATTENTION SOLARIS ADMINS

  1. #1
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,915

    ATTENTION SOLARIS ADMINS

    I just threw up a blog post with all the relevant details (http://www.computerdefense.org/?p=258). Needless to say there's a new 0-day in the Solaris telnet daemon. It's rather simple to bypass and could be remotely exploited by my grandmother... If you're running telnet still.. Disable it.

  2. #2
    Purveyor of Lather Syini666's Avatar
    Join Date
    Aug 2001
    Posts
    553
    HT wouldn't you agree however that anybody still using telnet for anything other than a bad joke deserves what they get in this case, since its standard knowledge how much telnet sucks? And wow what a short exploit, perhaps a record setter?
    You're not your post count, You're not your avatar or sig, You're not how fast your internet connection is, You are not your processor, hard drive, or graphics card. You're the all-singing, all-dancing crap of AO
    09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

  3. #3
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,915
    Quote Originally Posted by Syini666
    HT wouldn't you agree however that anybody still using telnet for anything other than a bad joke deserves what they get in this case, since its standard knowledge how much telnet sucks? And wow what a short exploit, perhaps a record setter?
    Telnet is considered an inherent security risk because of the lack of encryption... (among other things)... but there's always a chance that someone could be running ssl-telnet or krb-telnet. There are also some situtations where telnet is almost "required" but is sometimes an ease of use thing for people...

    I agree though that in an environment with any sense of security you probably *shouldn't* be running telnet... but I don't agree that they deserve what they get...

  4. #4
    Right turn Clyde Nokia's Avatar
    Join Date
    Aug 2003
    Location
    Button Moon
    Posts
    1,696
    anybody still using telnet for anything other than a bad joke deserves what they get
    Not really, no. I have lots of legacy infrastructure hardware that only accept telnet connections. Likeiwse I know of a fair amount of other people who are in the same boat.....

    'Because they use telnet' is not a valid answer when someone asks you why something should be upgraded.

    Anyone who works or has worked in a corperate enviroment will always find themselves using telent from time to time.....

  5. #5
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    I have to argue nokia's corner on this one. Whilst I would agree that Telnet would not be your application of choice, that implies that you actually have a choice?

    Let's face it folks, legacy systems can be a real PITA if you cannot get the budget/resouces to replace them?

    My view is that Telnet is fine, provided that it is used internally. which is what I believe it was its original intention?


  6. #6
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,915
    Quote Originally Posted by nihil

    My view is that Telnet is fine, provided that it is used internally. which is what I believe it was its original intention?

    I don't know that I agree with that... on your internal network is where you are subject to sniffing... we all know, that unless you're some big hub or at an ISP, you're not going to be sniffing internet traffic.... Which eliminates the plaintext problem for the most part...

    As for legacy systems... We actually had (and it took considerable effort) SSH running on SunOS 4... You can get it on a lot of systems... but yes there's the occasional system that you have to have telnet running on... Those systems, however, should have access controls in place... IP address limitations, etc.... that should shield them from vulnerabilities in telnet, such as this one..

  7. #7
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    HT~ ,

    Sorry mate, that was a rather slack post on my part. I was referring to home, and SOHO type environments where everyone is "trusted".


  8. #8
    Right turn Clyde Nokia's Avatar
    Join Date
    Aug 2003
    Location
    Button Moon
    Posts
    1,696
    If you have someone sniffing your internal traffic, using telent is the least of your worries

  9. #9
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    That is very true.................never let an HR problem become an IT one

  10. #10
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,915
    Quote Originally Posted by Nokia
    If you have someone sniffing your internal traffic, using telent is the least of your worries
    If proper protocols are in place then it shouldn't be too much of a bother to have someone sniffing on your network...

    There are places where detecting sniffing is going to be impossible... and I can get you that employees at lost of companies play with sniffers.. or college students...

    I would say that telnet running is a bigger concern than people sniffing... either way the environment is probably not properly secured (so it probably becomes a moot point)...

Similar Threads

  1. Port List
    By ThePreacher in forum Miscellaneous Security Discussions
    Replies: 17
    Last Post: December 14th, 2006, 09:37 PM
  2. Tcp/ip
    By gore in forum Newbie Security Questions
    Replies: 11
    Last Post: December 29th, 2003, 08:01 AM
  3. x86 Solaris free!
    By el-half in forum AntiOnline's General Chit Chat
    Replies: 4
    Last Post: December 12th, 2003, 01:25 PM
  4. solaris sadmind again
    By NullDevice in forum *nix Security Discussions
    Replies: 0
    Last Post: September 17th, 2003, 09:31 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •