Telnet will expose your user credentials

oobi · Post time 14-2-2007 12:36 AM

Wakeup call for Solaris admins: SHUT TELNET!

George Ou
TechRepublic
February 12th, 2007

Link to original article

If you haven't shut off Telnet on Solaris (which Sun enables by default along with everything else) yet, here's just another reason to do so ASAP. Telnet is one of those clear text protocols that will expose your user credentials to anyone monitoring the traffic (which is quite trivial) and any clear text authentication protocol should have banned long ago. Unfortunately it is still the dominant remote shell client even though secure alternatives have existed for a long time such as SSH. Anyone who has not proactively disabled Telnet on their Solaris machines (or any device for that matter) should do so immediately and switch to SSH immediately. Administrators can get a free copy of Putty the free SSH client and just because the machine is behind a firewall doesn't make it "OK".

Sun Microsystems should also wake up and lock down their Solaris installations by default. Most people just don't realize how buggy and full of security vulnerabilities there are in typical UNIX operating systems. Because Solaris never got the "immunization" effects of worms that afflict Windows, they're typically left unpatched for years on internal LANs.

Code posted for Solaris remote root exploit

Ryan Naraine
Tracking the hackers - ZDNet
February 11th, 2007

Link to original article

An anonymous hacker has posted instructions on how to launch attacks against a remote root exploit in the Solaris 10/11 telnet daemon.

The exploit, published at Full Disclosure and Milw0rm, exposes a zero-day hole affecting the free and open-source operating system. There are no patches available.

The SANS ISC (Internet Storm Center) is describing the issue as a 搈ajor zero day bug