Hi Steve, About sending plain text password and files with telnet and ftp: uninstall your 'telnetd' and 'ftp server' and install 'ssh' ssh is real secure and has two usefull commands: 'ssh' is a substitute for telnet and 'scp' is not the same thing, but substitutes ftp with some advantages
read their manuals and compare. Bye Pedro On Wed, Feb 21, 2001 at 03:13:43PM -0500, Steve Rudd wrote: > Hello! Steve here, > > Well I am one of the family now! My server is Debian 2.2r2. A benign hacker > got me. All he seemed to do was overwrite my root index.html page and > notify the "hackers watchdog" group to take responsibility for the act! > > I have some security questions: > > 1. How secure is it checking email with eudora pro, given they have not yet > got ssh or any other system that is secure? Since outlook has ssh, is it > worth switching for that? I use a separate user and password for mail and ftp. > > 2. Cute ftp is not secure yet, but should be soon. > > 3. Using netscape to port to private sections of the website: > > www.abc.com:1020/systemconfig/index.html > > (for example) > > I am asked for a user name and password via netscape/IE > > ======= > > Ok all these things are really transmitting my user name and password via > plain text with no encryption. If I have sudo installed and a sniffer comes > along, they have root access very easily! > > Should I be concerned about using email, ftp and IE ? > > Steve > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > >