quoth Boris Mann: > But of course, everyone knew that telnet is *inherently insecure*, so > never used it for anything mission critical. Well yeah, but you could say the same about the pserver authentication mode in CVS, which is where the vulnerability was found (you *do* use CVS over ssh, right? ;)). Jason has a good point, though. -- shawn allen mailto://shawn@alterior.net phone://415.577.3961 http://alterior.net aim://shawnpallen