On 2016-09-13 1:44 PM, Ryan K. Brooks wrote:
On 9/13/16 12:31 PM, Liam Proven wrote:
On 13 September 2016 at 18:53, Ryan K. Brooks
<ryan at hack.net> wrote:
See Also RedHat and CentOS. No telnet,
netstat, etc.
My lack of fannish enthusiasm for the RH family of Linuxes got me
fired from Red Hat.
Nonetheless, their willingness to remove old, insecure legacy stuff
from the OS so that users are encouraged to get with the programme and
move on to modern modern equivalents -- ssh, the ip command, whatever
-- is something I strongly approve of, and wish Debian and its kin
were quicker to imitate.
Are ifconfig, netstat, traceroute, et al really insecure? (Maybe a
case could be made for traceroute) These types of changes to the core
of userland are epic dumb IMHO. Telnet is very useful for debugging,
and certainly dropping telnetd is a good thing - which everyone has done.
Boy are you going to get a shock when you start using containers for
deployment.
--Toby
(who doesn't understand why it's such a big deal to install 1 package
for telnet client)