IT security people sleep well

• Previous message (by thread): IT security people sleep well
• Next message (by thread): IT security people sleep well
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Robert Boyle <robert at tellurian.com> [2004-06-07 14:08]:
> I really truly don't see the problem with plaintext telnet 
> management of routers.

It is exactly this belief in the security of your networks that gets 
this industry in so deep shit.

ever heard of multilayer security?
some little problem somewhere that allows an attacker to sniff your 
telnet traffic and you are d00med. that might be as simple as a routing 
fuckup.

You loose nothing with using ssh instead of telnet.
You win a lot.

ssh is a basic component for secure network management.
it is not the one magic piece that turns a collection of crap into an 
ubersecure network of course, as some people seem to imply.

not seeing the problem with cleartext telnet for remote logins in 2004, 
wether ACL'd or not, is just ... oh man, I don't have words for this.

-- 
Henning Brauer, BS Web Services, http://bsws.de
hb at bsws.de - henning at openbsd.org
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

• Previous message (by thread): IT security people sleep well
• Next message (by thread): IT security people sleep well
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]