Mark Anderson wrote: > >SSH1 logins can also be sniffed and cracked in a switched environment, use > SSH2 on a non-standard listening port > Monkey in the middle code means no protocol is safe regardless of the > encryption. I disagree. Crypted protocols can be *really* safe, like SSH2. Public Key Cryptography is based on the assumption that we are communicating over unsafe channels... Using a non-standard listening port has the advantage of not falling in standard traps aimed for random victims, assuming they are using standard ports. It does not stop a determined attacker. However, random script-kiddie type of attacks are probably the main (read: near 100%) worry to most subscribers of this list. Jan _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
- Re: [cobalt-security] re: Telnet security William P. N. Smith
- Re: [cobalt-security] re: Telnet security Frank Smith
- Re: [cobalt-security] re: Telnet security Rodolfo J. Paiz
- [cobalt-security] re: Telnet security William P. N. Smith
- Re: [cobalt-security] re: Telnet security Jan P Tietze
- Re: [cobalt-security] re: Telnet security Paul Gillingwater
- RE: [cobalt-security] re: Telnet security Reinoud van Leeuwen
- RE: [cobalt-security] re: Telnet security Fred
- RE: [cobalt-security] re: Telnet security Adam Sculthorpe
- Re: [cobalt-security] re: Telnet security Mark Anderson
- RE: [cobalt-security] re: Telnet security Jan P Tietze
- RE: [cobalt-security] re: Telnet security Drage, Nicholas
- RE: [cobalt-security] re: Telnet security Adam Sculthorpe
- RE: [cobalt-security] re: Telnet security Adam Sculthorpe
- Re: [cobalt-security] re: Telnet security Mark Anderson
- RE: [cobalt-security] re: Telnet security Reinoud van Leeuwen
- RE: [cobalt-security] re: Telnet security Adam Sculthorpe
