IT security people sleep well

Alexei Roudnev alex at relcom.net
Fri Jun 4 06:23:15 UTC 2004


This is very bad - they have SSH in extended versions, why did not they
included it into all versions, where it was possible
without running out of flash memory.

Through, it is not so unsecured - in most cases people restricts access to a
few IP sources, which are located on the internal network, or even allows
only console access; but anyway, not a good thing. They could (at least)
allow changing telnet port

>
>
> >
> >On Thu, 03 Jun 2004 13:16:44 PDT, Eric Kuhnke <eric at fnordsystems.com>
said:
> >
> > > The part about Telnet is truly scary...   Among people who have
"clue",
> > > the biggest reason I have heard to continue running ssh1 is for
> > > emergency access via hand-held smartphones or other pocket sized
> > > devices.  The Handspring Treo 180 and similar keyboarded cellphone-pda
> > > devices don't have the CPU power necessary for a SSH2 key exchange,
> > > unless I'm drastically mistaken about the FPU abilities of a 33 MHz
> > > Motorola Dragonball...
>
> Cisco 26xx, 36xx routers at least, current 12.3 IOS, no ssh support in the
> basic loads that I can find. Telnet is the only way in other than the
> console port.
>
>




More information about the NANOG mailing list