[Snort-sigs] SID 716
alexander.s at ...1565...
Mon Jun 9 14:27:12 EDT 2003
This signature indicates that somebody has succeeded in logging in to a
machine via telnet.
This signature indicates that somebody has logged in to a machine over a
telnet connection. This may indicate that a system has been compromised
if the client is outside your network. Telnet is a terminal emulation
program. The telnet client connects to a telnet server which usually
runs on TCP port 23.
An attacker may have compromised the machine. This program is also used
Ease of Attack:
Do not allow root logins through telnet. Use a firewall to restrict
telnet access to certain hosts. It is preferable to use ssh instead of
Documentation - Steven Alexander<alexander.s at ...1565...>
More information about the Snort-sigs