Re: Remote telnet through firewall failing
From: John (ibis.john_at_rogers.com)
Date: 12/23/04
- Previous message: Alan Maul: "OpenServer 5.0.6 hardware raud 73gb drives"
- In reply to: Mike Brown: "Re: Remote telnet through firewall failing"
- Next in thread: Bill Vermillion: "Re: Remote telnet through firewall failing"
- Reply: Bill Vermillion: "Re: Remote telnet through firewall failing"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Thu, 23 Dec 2004 10:25:13 -0500
Mike Brown wrote:
> I have not found internet telnet to be the worst of the various security
> risks. I have helped at sites with modem/internet access that unbelievably
> had NO root password. I was amazed that after months on the internet
> (directly to boot, no firewall) there were no discernible problems.
>
> One adjustment you can make is scoadmin -> system -> terminal manager ->
> options, and set "maximum unsuccessfull attempts before locking terminal"
> to a lower number and increasing delay time between login attempts. This
> may cause a denial of service on the pseudo ttys for telnet, but then
> maybe the site owner will take notice and put back your firewall. I have
> used 5 for the maximum failed login attempts.
>
> Another, but fairly pricey, solution is to use the Watchguard Firebox as
> the firewall. It has a web server feature with a Java applet that allows a
> remote user to first web browse to the firewall and authenticate, then the
> firewall will open a port for that particular remote IP while the Java
> applet is running. It can be used to open ports for telnet, ssh, ftp, smtp
> and pop for remote users while keeping the wonders of the internet away
> from all the internal machines.
I have one remote SCO box and one remote HP-UX box under my management, both
accessed by telnet for (compelling) identical reasons. I know of four
other similar ones where I have provided application SW and admin support
on subcontract, and on those I know admin access as root is commonly used
despite warnings, and three have no firewall. At least one of these has
been on the internet for over 15 years. Add on three FreeBSD servers doing
NAT, email and http. None has ever been hacked (which in my view has
encouraged dangerous complacency), but a Red Hat Linux system used to
firewall a completely different network I did subcontract application SW
support on was hacked by Romanians to use as a chat server about a week
from when it first went up.

The consensus theory among those of us who knew about that incident was that
vulnerability is proportional to OS popularity. An OS like Windows or
RHLinux is perceived by hackers as worth building tools and scanning for,
but less common ones like SCO, HP-UX, FreeBSD are not worth the effort when
easier pickings abound. Possibly true, but dangerous to rely on.
-- John Turner