IT security people sleep well
Paul Jakma
paul at clubi.ie
Sun Jun 6 01:12:16 UTC 2004
On Thu, 3 Jun 2004, Eric Kuhnke wrote:
> The part about Telnet is truly scary...
What's really scary is that the people here complaining about a
certain vendor charging extra for SSH and hence forcing them to use
"insecure" telnet havnt the cop-on to read that vendor's
"AAA" documentation and realise that the base feature set _already_
includes capability to do secure authentication.
Eg, challenge/response via RADIUS or even Kerberised telnet (and many
people here probably already have kerberos servers in their
organisations, aka Windows Active Directory).
regards,
--
Paul Jakma paul at clubi.ie paul at jakma.org Key ID: 64A2FF6A
warning: do not ever send email to spam at dishone.st
Fortune:
You can't take damsel here now.
More information about the NANOG
mailing list