Benjamin Scott wrote:
> Hmmm. AFAIK, simply having telnet open isn't insecure. It is
> using telnet -- specifically, logging in with your password in
> the clear -- that makes you vulnerable to sniffed passwords. SSH
> will help prevent that.
Actually, this isn't always true... Some telnet and ftp daemons
can have remote exploits and buffer overflows. To my knowledge,
this is rare, since people don't usually muck with the code for
them. And, in all fairness, SSH did have an issue with the rsa
reflib, which is the reason that I use OpenSSH from outside of
the US.
> However, simple SSH session encryption won't protect against
> man-in-the-middle attacks, and it is still vulnerable to brute
> force attacks and weak passwords.
That's easy to fix... don't use passwords ;-)
> Only SSH with mutual public/private key authentication is truly
> secure against all known attacks.
This I have to agree with. Public key authentication is really
the best way to go for any system. Not to mention that it's a lot
easier than remembering a ton of passwords.
Kenny
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
