North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
RE: 'we should all be uncomfortable with the extent to which luck ..'
- From: Deepak Jain
- Date: Sat Jul 28 18:50:59 2001
I am not sure why people complain about telnet-security when many of these
same people have no qualms whatsoever using FTP on the same account --
equally plain text and over the general internet.
Yes, you can SSL encapsulate your FTP transactions, and rdist can use ssh as
its transport method, but how many people are really doing that? You can
also kerberize POP, or ssh pop too, but again, most customers don't have the
sophistication to do use all three religiously.
Security is not a once-in-a-while thing. If you allow FTP or POP access to
the same accounts you deny telnet to, the same alleged sniffers will have
just as easy a time grabbing anything they'd like off the wire.
From: firstname.lastname@example.org [mailto:email@example.com]On Behalf Of
Steven J. Sobol
Sent: Saturday, July 28, 2001 6:24 PM
To: Mitch Halmu
Cc: Roeland Meyer; 'k claffy'; firstname.lastname@example.org; email@example.com
Subject: RE: 'we should all be uncomfortable with the extent to which
On Wed, 25 Jul 2001, Mitch Halmu wrote:
> Those (few) providers offering shell accounts still do.
Not the smart ones. I do shell, and I may have an in.telnetd lying around
somewhere, but it sure as hell isn't turned on. The line wasn't just
commented out of my inetd.conf, it was deleted.
Amazingly, the people I provide the service to are using SSH with no
problem at all.
JustThe.net LLC - Steve "Web Dude" Sobol, CTO - sjsobol@JustThe.net
Donate a portion of your monthly ISP bill to your favorite charity or
non-profit organization! E-mail me for details.