'we should all be uncomfortable with the extent to which luck ..'
Deepak Jain
deepak at ai.net
Sat Jul 28 22:49:07 UTC 2001
I am not sure why people complain about telnet-security when many of these
same people have no qualms whatsoever using FTP on the same account --
equally plain text and over the general internet.
Yes, you can SSL encapsulate your FTP transactions, and rdist can use ssh as
its transport method, but how many people are really doing that? You can
also kerberize POP, or ssh pop too, but again, most customers don't have the
sophistication to do use all three religiously.
Security is not a once-in-a-while thing. If you allow FTP or POP access to
the same accounts you deny telnet to, the same alleged sniffers will have
just as easy a time grabbing anything they'd like off the wire.
Deepak Jain
AiNET
-----Original Message-----
From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu]On Behalf Of
Steven J. Sobol
Sent: Saturday, July 28, 2001 6:24 PM
To: Mitch Halmu
Cc: Roeland Meyer; 'k claffy'; nanog at nanog.org; caida at caida.org
Subject: RE: 'we should all be uncomfortable with the extent to which
luck ..'
On Wed, 25 Jul 2001, Mitch Halmu wrote:
> Those (few) providers offering shell accounts still do.
Not the smart ones. I do shell, and I may have an in.telnetd lying around
somewhere, but it sure as hell isn't turned on. The line wasn't just
commented out of my inetd.conf, it was deleted.
Amazingly, the people I provide the service to are using SSH with no
problem at all.
--
JustThe.net LLC - Steve "Web Dude" Sobol, CTO - sjsobol at JustThe.net
Donate a portion of your monthly ISP bill to your favorite charity or
non-profit organization! E-mail me for details.
More information about the NANOG
mailing list