Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: telnet vs ssh on Core equipment , looking for reasons why ?

  • From: Bob K
  • Date: Tue Jul 31 11:00:10 2001

On Tue, 31 Jul 2001, Stephen J. Wilcox wrote:

> > But who said I am not on your network ?  What if I penetrated your AAA
> > server, or, some other server on your network ?
> 
> well your not. and if you were, i'm pretty well screwed! altho having said
> that, my network doesnt allow you to hop between machines.. but maybe you
> compromised my security? okay, i'm screwed again!

Security is generally not an all-or-nothing game.  Most script kiddies
have enough skill to run a prefab'd exploit on your IIS server; some have
enough skill to inject trojan ARP entries and use tcpdump; but far fewer
have the ability to decrypt ssh packets (although new tools are making
this easier).  In cases where ssh is an option, why not use it?

-- 
Bob <melange@yip.org> | Yes.  I know.  That is, indeed, *not* mayonnaise.






Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.