Date: Tue, 7 May 2002 09:23:44 +0200 From: Borja Marcos <borjam@sarenet.es> To: solarflux@ziplip.com Cc: security@freebsd.org Subject: Re: Telnet Exploit Message-ID: <200205070723.g477NjR3025099@borja.sarenet.es> In-Reply-To: <GTP3YE3JSQGUYEIE2F0SOTH3D3KQNJKUJJYERK0S@ziplip.com> References: <GTP3YE3JSQGUYEIE2F0SOTH3D3KQNJKUJJYERK0S@ziplip.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tuesday 07 May 2002 01:22, you wrote: > Are you for real? Have you ever sniffed a connection between two machi= nes =09Sure! > using ssldump? When looking at a telnet or ftp connection, it shows > everything, clear as day. =09It is obvious that ssh has many benefits. It encrypts the connection, = and=20 you can use public keys to authenticate both parties. I am not silly. > As long as OpenSSH exploits are fixed in a timely fashion, I consider s= shd > to be MUCH more secure than telnetd. The zlib bug argument is pretty w= eak. =09I don't think it is weak. Software complexity is a serious danger. I w= ould=20 prefer a simpler ssh service without frills, subject to a design process = with=20 a strong focus on security. Do you think all the software used by OpenSSH= (or=20 other ssh implementations) has been thoroughly audited? =09Hey, I use ssh years ago, and I always authenticate with public keys. = It is=20 really useful, but I am worried with the current trends with software=20 complexity and reuse. It can lead to security problems. =09Borja. --=20 __________________________________________________________________ Borja Marcos * borjam@sarenet.es Responsable de seguridad * Tel: +34 944209470 SARENET S.A. - * Fax: +34 944209465 Parque Tecnologico, 103 * PGP KeyID: 0x50B24B8C 48170 - Zamudio (Bizkaia) SPAIN * __________________________________________________________________ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200205070723.g477NjR3025099>