Stigers, Gregory - ANDOVER wrote:
>
> I am about to get out of my league here, but we are co-developing an
> application using the 3K as a data server with another software company
> (using IMAGE and COBOL no less!). One of their people wanted me to turn
> on TELNET so that the client can talk to the HP across TCP/IP, replacing
> the current DTC / serial connections currently used by the application.
> Problem is, our IP addresses are real, and I don't want intrepid souls
> hacking our 3K from some Internet connection.

Other than "security by obscurity", telnet is more secure than NS/VT.
Using 5.5's /var/adm/inetd.sec (? inetdsec.net.sys ?) you can specify
which addresses you will service, unlike NS/VT and other NS daemons
that have no filtering.

You can set a reasonable firewall on a router *provided* you by default
deny all connections and permit only what you wish (you can do it the
other way around, but it's not as secure).

NS/VT is only secure in that "not everybody has an NS/VT client".

Jeff Kell <[log in to unmask]>