
Wakeup call for Solaris admins: SHUT TELNET!

Written by George Ou, Contributor

If you haven't yet shut off Telnet on Solaris (which Sun enables by default along with everything else), here's just another reason to do so ASAP.  Telnet is one of those clear text protocols that will expose your user credentials to anyone monitoring the traffic (which is quite trivial), and any clear text authentication protocol should have been banned long ago.  Unfortunately, it is still the dominant remote shell client even though secure alternatives such as SSH have existed for a long time.  Anyone who has not proactively disabled Telnet on their Solaris machines (or any device for that matter) should do so and switch to SSH immediately.  Administrators can get a copy of PuTTY, the free SSH client.  We must remember that just because the machine is behind a firewall doesn't make it "OK" to run Telnet.
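One way to check for and switch off Telnet, as an added example that is not part of the original article: the script audits an inetd.conf-format file and emits a copy with the cleartext login services commented out. It goes beyond Telnet to the other cleartext services inetd commonly starts; the function names and the sample file are constructed for illustration, and the classic inetd.conf layout is assumed.

```shell
#!/bin/sh
# Added example: audit an inetd.conf-format file for enabled cleartext
# remote-login services and emit a copy with them commented out.
# On Solaris, run with nawk or /usr/xpg4/bin/awk (old awk lacks -v).

# Service names (first field of inetd.conf) that send credentials in clear text.
CLEARTEXT_SERVICES="telnet login shell exec ftp"

# Constructed sample in classic inetd.conf layout (not taken from a real host).
sample_inetd_conf() {
cat <<'EOF'
# constructed sample
telnet  stream  tcp6  nowait  root  /usr/sbin/in.telnetd  in.telnetd
#ftp    stream  tcp6  nowait  root  /usr/sbin/in.ftpd     in.ftpd
login   stream  tcp6  nowait  root  /usr/sbin/in.rlogind  in.rlogind
time    stream  tcp6  nowait  root  internal
EOF
}

# Print the names of enabled (uncommented) cleartext services read from stdin.
enabled_cleartext() {
    awk -v list="$CLEARTEXT_SERVICES" '
        BEGIN { n = split(list, a, " "); for (i = 1; i <= n; i++) bad[a[i]] = 1 }
        /^[ \t]*#/ || NF == 0 { next }      # skip comments and blank lines
        ($1 in bad) { print $1 }
    '
}

# Copy stdin to stdout with every enabled cleartext service commented out.
comment_out_cleartext() {
    awk -v list="$CLEARTEXT_SERVICES" '
        BEGIN { n = split(list, a, " "); for (i = 1; i <= n; i++) bad[a[i]] = 1 }
        !/^[ \t]*#/ && ($1 in bad) { print "#" $0; next }
        { print }
    '
}

# Demo on the constructed sample; on a real host read /etc/inet/inetd.conf,
# install the edited copy, then send inetd a SIGHUP so it rereads the file.
echo "enabled before: $(sample_inetd_conf | enabled_cleartext | tr '\n' ' ')"
echo "enabled after:  $(sample_inetd_conf | comment_out_cleartext | enabled_cleartext | tr '\n' ' ')"
# On Solaris 10 and later, where SMF manages the service, the equivalent is:
#   svcadm disable svc:/network/telnet:default
```

Confirm that SSH logins work before closing the last Telnet session on a remote machine.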

Sun Microsystems should also wake up and lock down their Solaris installations by default.  Most people just don't realize how buggy and full of security vulnerabilities typical UNIX operating systems are.  Because Solaris never got the "immunization" effects of the worms that afflict Windows, Solaris machines are typically left unpatched for years on internal LANs.
