Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Message - Banner's Styles
From: Boris Veytsman <borisv () lk net>
Date: Fri, 26 Mar 2004 10:25:14 -0500

SH> From: Sebastian Herbst <pz () psychozapp de>
SH> Date: Fri, 26 Mar 2004 11:44:26 +0100


SH> the only advise you will get on a SECURITY mailing list is:
SH> DO NOT USE TELNET!

I disagree.  

From man telnetd on debian:

     -z SSL-parameter
                  This option is only valid if telnetd has been built with SSL
                  (Secure Socket Layer) support.

                  debug       Enable SSL related debugging.

                  ssl         Negotiate SSL at first, then use telnet proto-
                              col. In this mode telnetd only accepts connec-
                              tions from SSL enhanced telnet with option -z
                              ssl

                  nossl, !ssl
                              switch off SSL negotiation

                  certsok     Look username up in /etc/ssl.users. The format
                              of this file is lines of this form:
                              user1,user2:/C=US/..... where user1 and user2
                              are usernames. If client certificate is valid,
                              authenticate without password.

                  certrequired
                              client certificate is mandatory

                  secure      Don't switch back to unencrypted mode (no SSL)
                              if SSL is not available.

                  verify=int  Set the SSL verify flags (SSL_VERIFY_* in
                              ssl/ssl.h ).

                  cert=cert_file
                              Use the certificate(s) in cert_file.

                  key=key_file
                              Use the key(s) in key_file.

                  cipher=ciph_list
                              Set the preferred ciphers to ciph_list.  (See
                              ssl/ssl.h ).

I think -z secure is OK.

-- 
Good luck

-Boris

Its name is Public Opinion.  It is held in reverence.  It settles everything.
Some think it is the voice of God.
                -- Mark Twain

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]