Removing telnet and finger?
Michael R Head
burner at suppressingfire.org
Mon Apr 18 21:00:27 UTC 2005
On Mon, 2005-04-18 at 22:47 +0200, Rainer Gutkas wrote:
> As I just stumbled on my research for my diploma thesis over the
> following document:
>
> http://www.giac.org/certified_professionals/practicals/gcux/0078.php
>
> which suggests security issues for Laptops running debian systems and
> reccomends to remove telnet and finger because they are known to have
> securaty issues, I wondered if this is save within ubuntu.
>
> If I wanna remove telnet (which I never use) Synaptic says I first gotta
> remove Ubuntu base
> If I wanna remove finger Synaptic says i first gotta remove Gnome
> Nettool and ubuntu desktop.
> Will this screw up my system, so I don't have this nice set up desktop
> enviroment anymore and probably all the base system? or are these just
> metapackages which can savely be removed?
There's nothing wrong with telnet and finger. Indeed, telnet can be a
very useful network service testing tool (it can connect to just about
any network port and let you type and read data, at the text level).
Just make sure you don't actually use it to log in to a remote system.
Always use ssh for that.
The security problem would be if you had telnetd and fingerd running.
Fortunately, Ubuntu doesn't install those by default.
>
> Thanks for your suggestions,
>
> Rainer
--
Michael R Head <burner at suppressingfire.org>
GPG: http://www.suppressingfire.org/~burner/gpg.key.txt (ID 23A02B1F)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20050418/031bc670/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20050418/031bc670/attachment.sig>
More information about the ubuntu-users
mailing list