Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!swrinde!zaphod.mps.ohio-state.edu!casbah.acns.nwu.edu!ftpbox!motsrd!motcid!derosa From: derosa@motcid.UUCP (John DeRosa) Newsgroups: comp.sys.mac.comm Subject: Re: TelNet File Protection??? Message-ID: <6234@crystal.UUCP> Date: 22 Apr 91 15:27:19 GMT References: <803.280d8689@zodiac.rutgers.edu> Organization: Motorola Inc., Cellular Infrastructure Div., Arlington Heights, IL Lines: 31 garrison@zodiac.rutgers.edu writes: >I've seen several posts refering to the security risks of telnet (in that if >telnet is open, anyone can ftp over to your system and copy to their hearts >content). Is it possible to, say, set the protection on certain applications >and files so that they will be inaccessable to anyone logging into your >system (or, better yet, invisible)? (But remain useable and visible to >people actually using the Mac). This would enable us to just leave telNet >open under multifinder. There are two distinct ways to prevent prying eyes. The first one will work while the second way is better (IMHO). 1) In your config.tel, add the line ftp=no. This will force the default startup condition of TelNet to disallow ftp. When you need ftp, pull down the file menu item and choose FTP Enable. Remember to turn it back off when you are done. This is the manual method. 2) In your config.tel, add the line passfile="ftppass". This tells TelNet to look in your system folder for a file called ftppass that contains passwords for ftp users. In this way, each person trying to ftp to you Macintosh must supply a userid and a password, i.e. they must log in. The ftppass file is created with the telpass application that you should have gotten with TelNet. Enjoy. -- = John DeRosa, Motorola, Inc, Cellular Infrastructure Group = = e-mail: ...uunet!motcid!derosaj, motcid!derosaj@uunet.uu.net = = Applelink: N1111 = =I do not hold by employer responsible for any information in this message =