IT security people sleep well

• Previous message (by thread): IT security people sleep well
• Next message (by thread): IT security people sleep well
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> I liked this quote,
> 
>   About 43% of respondents said they're using the Secure Shell (SSH)
>   protocol to protect data, secure remote access, and perform network
>   management. But while the current SSH2 is considered to be
>   significantly more secure, nearly 45% said they are continuing to
>   mostly use the older SSH1 protocol. A cause for greater concern,
>   according to the surveyors, is that 54.9% said they continue to
>   configure their network devices via Telnet, which is known by
>   network security experts to be severely vulnerable to intruders
>   because it sends data as clear text and offers only weak password
>   authentication.

The part about Telnet is truly scary...   Among people who have "clue", 
the biggest reason I have heard to continue running ssh1 is for 
emergency access via hand-held smartphones or other pocket sized 
devices.  The Handspring Treo 180 and similar keyboarded cellphone-pda 
devices don't have the CPU power necessary for a SSH2 key exchange, 
unless I'm drastically mistaken about the FPU abilities of a 33 MHz 
Motorola Dragonball...

• Previous message (by thread): IT security people sleep well
• Next message (by thread): IT security people sleep well
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]