Would you leave telnet client installed?

Hangdog42 · 10-20-2012, 08:11 AM

Quote:

Originally Posted by Linux_Kidd

Perhaps the idea of "not needed not there" concept has vanished from the world of security?

So what's your stance when there's a zeroday for the telnet client that allows uid's to do things as uid =0 ??? Would you then say "OH, only if it wasn't installed"???

Not needed here certainly hasn't vanished, and is prudent in many instances . However, the scenario you're raising applies to ANY piece of software on the machine. Are you sure your text editors don't have a zero-day exploit just waiting to jump out? How about your shell environments?

If having a telnet client makes you uncomfortable, then by all means remove it. But also think about overall ways to monitor the health of the system (regular patching, file integrity checks, log monitoring). Those are much more likely to catch a problem than worrying about individual software installs.

Linux_Kidd · 10-22-2012, 12:02 PM

I am not talking about per app here, i am talkjng about security best practices. And yes, my systems have every item installed on the system and what its functions and needs are. If not needed its gone, if its function can be done via another tool, like using ssh instaed of telent to check open ports, then i evaluate that and remove he one that is not needed.

This is my practice for locking a system down.

Reuti · 10-22-2012, 12:42 PM

You also removed unnecessary kernel modules or compiled a static one?

Linux_Kidd · 10-23-2012, 01:48 PM

Yes, I advocate monolithic kernel for specific systems. Out of the box is no longer acceptable in this day and age of hacking.