RE: 'we should all be uncomfortable with the extent to which luck ..'

From: Mitch Halmu []
Sent: Wednesday, July 25, 2001 8:30 AM

> How many of us here run anything less than SSH and even
allow telnetd to
> live on any of our hosts?>

Those (few) providers offering shell accounts still do.

Someone once proved to me, definitvely, how easy it is to crack root from a
shell account. Especially one that is allowed to execute their own code.
That night, I killed all shell accounts of users that I didn't personally
know and trust. Those that were left were introduced to SSH. This was
five-years ago.