IT security people sleep well
Henning Brauer
hb-nanog at bsws.de
Mon Jun 7 16:11:26 UTC 2004
* Robert Boyle <robert at tellurian.com> [2004-06-07 14:08]:
> I really truly don't see the problem with plaintext telnet
> management of routers.
It is exactly this belief in the security of your networks that gets
this industry in so deep shit.
ever heard of multilayer security?
some little problem somewhere that allows an attacker to sniff your
telnet traffic and you are d00med. that might be as simple as a routing
fuckup.
You loose nothing with using ssh instead of telnet.
You win a lot.
ssh is a basic component for secure network management.
it is not the one magic piece that turns a collection of crap into an
ubersecure network of course, as some people seem to imply.
not seeing the problem with cleartext telnet for remote logins in 2004,
wether ACL'd or not, is just ... oh man, I don't have words for this.
--
Henning Brauer, BS Web Services, http://bsws.de
hb at bsws.de - henning at openbsd.org
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)
More information about the NANOG
mailing list