On Sun, 11 Mar 2007, Dave Carlson wrote: >>> "Due to overwhelming demand we are in the process of placing new >>> orders with our suppliers. Your order will be filled ASAP." > > Maybe they didn't want to ship with the in.telnetd vulnerability once > they found out about it: > > http://sunsolve.sun.com/search/document.do?assetkey=1-26-102802-1 Thanks for sharing that. I shut down telnet altogether about 8 years ago and before that I was using tcp-wrappers to block access from most IPs. It's just too insecure of a protocol even without a "vulnerability" in it. I also do not allow root logins. Some people think I'm totally crazy to be so restrictive, but I think typing "su" and a password is a very small price to pay for the added security -- if someone finds a vulnerability in my SSH daemon, I will have that extra layer of protection between when the script kiddies find out about it and when I find out about it, and I want that. Mike