"Samuel W. Heywood" wrote: > > _BUT_ the biggest security risk is telnet itself. > > It transmits and receives in CLEAR !!! (ie not encrypted) > > So you don't need a malicious programm to read the session ! > > Don't most POP3 email clients also transmit passwords in the clear > upon contacting the server? Doesn't one have to be a highly advanced > geek in order to sniff passwords? Who would be interested in getting > into my email anyway? I am not a politician involved in an affair > with an intern and I am not involved in any illegal conspiracies and > I don't use email to talk with suspicious and corrupt and sinister > people such as lawyers.
a) yes b) not with the abundance of script-kiddie-ware� available on the 'net c) depends on the type of online connections you have. Some want your login/password to use you as one of many steps in a larger attack...others would count on the probability that you'd use the same/similar password for other online activities > > Use SSH (secure shell) instead. > > It is a "encrypted telnet" which offers scp/sftp capabilities. > > scp is a secure version of rcp (remote copy) > > sftp -> secure ftp > > I have heard about that but I don't know how to use it. There is a > nice Telnet program that comes with BasicLinux, an operating system > that I am using from time to time and slowly learning more about. Do > you know if I can do SSH with the Telnet program that comes with > BasicLinux? Since you use DOS frequently, grab the SSHDOS client: http://sshdos.sourceforge.net/ > If you think I can figure out how to use this SSH thing without having > to climb a steep learning curve, please send it to me. It's fairly straight forward. I'd recommend downloading SSHDOS and poke around the files included. For example, you can construct a ssh.cfg (configuration file) that would save each connection parameter you have need of: Host myemail Hostname myserver.net #full hostname User mylogin #username Cipher 3des #cipher type [3des recommended] Term vt100 #terminal type [vt100 most likely] allowing you to simply type the following @ your DOS prompt to connect, securely: ssh myemail cheers david -- What you think, you become. - Buddha
