Behavior of OPA/TTA telnet server

yelrub
Topic Author
Visitor

11 years 3 months ago #5368 by yelrub

Behavior of OPA/TTA telnet server was created by yelrub

I'm surprised (actually amazed) by the apparent default behavior of the FreeAXP telnet server for the console and serial port - they accept multiple concurrent connections from multiple ip addresses. This is completely counter-intuitive and seems a huge security hole ... have I missed something?

Please Log in or Create an account to join the conversation.

Bruce Claremont
Topic Author
Visitor

11 years 3 months ago #5369 by Bruce Claremont

Replied by Bruce Claremont on topic RE: Behavior of OPA/TTA telnet server

It is no different than any other application that is accessed via an IP port. It's a hole it you don't manager IP port access effectively. It is a feature if you want access to one of the virtual serial ports from a remote location.

Please Log in or Create an account to join the conversation.

yelrub
Topic Author
Visitor

11 years 3 months ago #5370 by yelrub

Replied by yelrub on topic RE: Behavior of OPA/TTA telnet server

I can see how it might be a useful feature to enable, but I can't see how this can be viewed as safe, as a default configuration.

Perhaps the following options should be available:
Allow concurrent connections - yes/no (default no)
Allow connections other than localhost - yes/no (default no)

I can't think of any common network application that would drop you into an existing session without any authentication, certainly not a console port.

Please Log in or Create an account to join the conversation.

Moderators: iamcamiel

Time to create page: 0.190 seconds