Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Message - Banner's Styles
From: Boris Veytsman <borisv () lk net>
Date: Fri, 26 Mar 2004 10:25:14 -0500

SH> From: Sebastian Herbst <pz () psychozapp de>
SH> Date: Fri, 26 Mar 2004 11:44:26 +0100

SH> the only advise you will get on a SECURITY mailing list is:

I disagree.  

From man telnetd on debian:

     -z SSL-parameter
                  This option is only valid if telnetd has been built with SSL
                  (Secure Socket Layer) support.

                  debug       Enable SSL related debugging.

                  ssl         Negotiate SSL at first, then use telnet proto-
                              col. In this mode telnetd only accepts connec-
                              tions from SSL enhanced telnet with option -z

                  nossl, !ssl
                              switch off SSL negotiation

                  certsok     Look username up in /etc/ssl.users. The format
                              of this file is lines of this form:
                              user1,user2:/C=US/..... where user1 and user2
                              are usernames. If client certificate is valid,
                              authenticate without password.

                              client certificate is mandatory

                  secure      Don't switch back to unencrypted mode (no SSL)
                              if SSL is not available.

                  verify=int  Set the SSL verify flags (SSL_VERIFY_* in
                              ssl/ssl.h ).

                              Use the certificate(s) in cert_file.

                              Use the key(s) in key_file.

                              Set the preferred ciphers to ciph_list.  (See
                              ssl/ssl.h ).

I think -z secure is OK.

Good luck


Its name is Public Opinion.  It is held in reverence.  It settles everything.
Some think it is the voice of God.
                -- Mark Twain

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]