Hi Steve,
About sending plain text password and files with telnet and ftp:
uninstall your 'telnetd' and 'ftp server' and install 'ssh'
ssh is real secure and has two usefull commands:
'ssh' is a substitute for telnet
and 'scp' is not the same thing, but substitutes ftp with some advantages
read their manuals and compare.
Bye
Pedro
On Wed, Feb 21, 2001 at 03:13:43PM -0500, Steve Rudd wrote:
> Hello! Steve here,
>
> Well I am one of the family now! My server is Debian 2.2r2. A benign hacker
> got me. All he seemed to do was overwrite my root index.html page and
> notify the "hackers watchdog" group to take responsibility for the act!
>
> I have some security questions:
>
> 1. How secure is it checking email with eudora pro, given they have not yet
> got ssh or any other system that is secure? Since outlook has ssh, is it
> worth switching for that? I use a separate user and password for mail and ftp.
>
> 2. Cute ftp is not secure yet, but should be soon.
>
> 3. Using netscape to port to private sections of the website:
>
> www.abc.com:1020/systemconfig/index.html
>
> (for example)
>
> I am asked for a user name and password via netscape/IE
>
> =======
>
> Ok all these things are really transmitting my user name and password via
> plain text with no encryption. If I have sudo installed and a sniffer comes
> along, they have root access very easily!
>
> Should I be concerned about using email, ftp and IE ?
>
> Steve
>
>
> --
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
>
>
