From owner-freebsd-security@FreeBSD.ORG Wed Dec 28 15:45:09 2011 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 243691065672 for ; Wed, 28 Dec 2011 15:45:09 +0000 (UTC) (envelope-from pawel@dawidek.net) Received: from mail.dawidek.net (60.wheelsystems.com [83.12.187.60]) by mx1.freebsd.org (Postfix) with ESMTP id C107F8FC0C for ; Wed, 28 Dec 2011 15:45:08 +0000 (UTC) Received: from localhost (58.wheelsystems.com [83.12.187.58]) by mail.dawidek.net (Postfix) with ESMTPSA id 6CF523C5; Wed, 28 Dec 2011 16:27:48 +0100 (CET) Date: Wed, 28 Dec 2011 16:26:44 +0100 From: Pawel Jakub Dawidek To: Oliver Pinter Message-ID: <20111228152644.GA1640@garage.freebsd.pl> References: <4EF4A120.1000305@freebsd.org> <20111223195713.GA61589@server.vk2pj.dyndns.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="cWoXeonUoKmBZSoM" Content-Disposition: inline In-Reply-To: X-OS: FreeBSD 9.0-CURRENT amd64 User-Agent: Mutt/1.5.21 (2010-09-15) Cc: freebsd-security@freebsd.org Subject: Re: Merry Christmas from the FreeBSD Security Team X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Dec 2011 15:45:09 -0000 --cWoXeonUoKmBZSoM Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Dec 23, 2011 at 11:12:13PM +0100, Oliver Pinter wrote: > On 12/23/11, Peter Jeremy wrote: > > On 2011-Dec-23 07:41:20 -0800, FreeBSD Security Officer > > wrote: > >>The timing, to put it bluntly, sucks. > > > > Since it's Saturday here, at the start of an extended holiday season, I > > would tend to agree. That said, thanks for the explanation and I think > > you made the right call. > > > >> On the positive side, most people > >>have moved past telnet and on to SSH by now; > > > > I thought everyone had but an acquaintance explained that he has to run > > telnet because his employer doesn't permit any encrypted outside access > > so the employer can monitor all traffic. >=20 > The solution for this situation is BalaBit SCB. >=20 > http://www.balabit.com/network-security/scb Or similar (but much nicer) solution from a FreeBSD-friendly company:) http://www.wheelsystems.com/products/products_fudo/spec?lang=3Den --=20 Pawel Jakub Dawidek http://www.wheelsystems.com FreeBSD committer http://www.FreeBSD.org Am I Evil? Yes, I Am! http://yomoli.com --cWoXeonUoKmBZSoM Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (FreeBSD) iEYEARECAAYFAk77NTQACgkQForvXbEpPzT5pgCgt8SIHq3LwgNCzFcGzL98F0bz 6iIAnRojyxVzmXtKkHe4+K63LXj2NF9Z =MbU9 -----END PGP SIGNATURE----- --cWoXeonUoKmBZSoM--