RE: telnet/ftp security

From owner-freebsd-questions Mon Jan 21 5:12:58 2002 Delivered-To: freebsd-questions@freebsd.org Received: from monster.datasoft.nl (monster.wellance.com [195.193.128.24]) by hub.freebsd.org (Postfix) with ESMTP id CCF3E37B41A for ; Mon, 21 Jan 2002 05:12:01 -0800 (PST) Received: by monster.wellance.com with Internet Mail Service (5.5.2653.19) id ; Mon, 21 Jan 2002 14:22:34 +0100 Message-ID: <0107A170FEECD211ABE500104BD665BBFF027D@monster.wellance.com> From: Stefan de Zeeuw To: "Questions@Freebsd. Org (E-mail)" Subject: RE: telnet/ftp security Date: Mon, 21 Jan 2002 14:22:33 +0100 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C1A27E.AF66E660" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01C1A27E.AF66E660 Content-Type: text/plain; charset="iso-8859-1" joe, if you're searching for good ssh/sftp clients for windows you can best look at one of the mirrors of ssh.com. you can download one there. -stef -----Original Message----- From: jacks@sage-american.com [mailto:jacks@sage-american.com] Sent: Saturday, January 19, 2002 9:04 PM To: Joe & Fhe Barbish; Alfatrion Cc: FBSD Questions Subject: RE: telnet/ftp security Joe: SSH and sftp are FBSD. SSH should be already setup and running on your FBSD machine and can be accessed from a Win client capable of ssh1/ssh2. It accesses thru port 22. You will need to install sftp on the FBSD server and setup the Win FTP client to use ssh if you have one that can do so.... At 02:48 PM 1.19.2002 -0500, Joe & Fhe Barbish wrote: >I only access the FBSD/gateway/ipfw box from ms/windows >machines. You implied the SSH(v2) and sftp are the >equivalent encrypted versions of telnet & ftp. >Are these windows clients, and if so where do I get >them from? > >I read the man skey and it's assocated other commands >man pages. As usual these man pages lacks any how to >setup and use info. >Is there any how-to-use infor you can point me to? > >Thanks >Joe > >-----Original Message----- >From: Alfatrion [mailto:alfatrion@cybertron.tmfweb.nl] >Sent: Saturday, January 19, 2002 11:32 AM >To: Joe & Fhe Barbish >Cc: FBSD Questions >Subject: Re: telnet/ftp security > >Hello Joe, > >Saturday, January 19, 2002, 5:08:57 PM, you wrote: > >JFB> I have telnet & FTP ID/PW access to my FBSD gateway/ipfw >JFB> box from the internet. Are there any security holes in >JFB> these two applications that would allow breaking into my system? > >The biggest security holes in those application is the lack of >security. Both application send the usernames, passwords and the data >unencrypted. All one has to do is sniff the username and passwords to >gain access to the system. SSH(v2) and sftp are the equivalent >encrypted versions. (a lot of other procolls are unsave to, like pop3, >smtp, ect.) > >I have my machine set up so that it can not be reached from the >internet with telnet, but did leave other procols untouched. To >compromis for this i installed the use of one-time-use password, for >certain users. You can check 'man skey' for this. > >-- >Best regards, > Alfatrion mailto:alfatrion@cybertron.tmfweb.nl > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message > > Best regards, Jack L. Stone, Server Admin =================================================== Sage-American http://www.sage-american.com jacks@sage-american.com "My center is giving way, my right is in retreat; ....situation excellent! ....I shall attack!" =================================================== To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message ------_=_NextPart_001_01C1A27E.AF66E660 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable RE: telnet/ftp security

joe, if you're searching for good ssh/sftp = clients for windows you can best look at one of the mirrors of ssh.com. = you can download one there.

-stef

-----Original Message-----
From: jacks@sage-american.com [mailto:jacks@sage-american.com]
Sent: Saturday, January 19, 2002 9:04 PM
To: Joe & Fhe Barbish; Alfatrion
Cc: FBSD Questions
Subject: RE: telnet/ftp security

Joe: SSH and sftp are FBSD. SSH should be already = setup and running on your
FBSD machine and can be accessed from a Win client = capable of ssh1/ssh2. It
accesses thru port 22.

You will need to install sftp on the FBSD server and = setup the Win FTP
client to use ssh if you have one that can do = so....

At 02:48 PM 1.19.2002 -0500, Joe & Fhe Barbish = wrote:
>I only access the FBSD/gateway/ipfw box from = ms/windows
>machines. You implied the SSH(v2) and sftp are = the
>equivalent encrypted versions of telnet & = ftp.
>Are these windows clients, and if so where do I = get
>them from?
>
>I read the man skey and it's assocated other = commands
>man pages. As usual these man pages lacks any = how to
>setup and use info.
>Is there any how-to-use infor you can point me = to?
>
>Thanks
>Joe
>
>-----Original Message-----
>From: Alfatrion [mailto:alfatrion@cybertron= .tmfweb.nl]
>Sent: Saturday, January 19, 2002 11:32 AM
>To: Joe & Fhe Barbish
>Cc: FBSD Questions
>Subject: Re: telnet/ftp security
>
>Hello Joe,
>
>Saturday, January 19, 2002, 5:08:57 PM, you = wrote:
>
>JFB> I have telnet & FTP ID/PW access to = my FBSD gateway/ipfw
>JFB> box from the internet. Are there any = security holes in
>JFB> these two applications that would allow = breaking into my system?
>
>The biggest security holes in those application = is the lack of
>security. Both application send the usernames, = passwords and the data
>unencrypted. All one has to do is sniff the = username and passwords to
>gain access to the system. SSH(v2) and sftp are = the equivalent
>encrypted versions. (a lot of other procolls are = unsave to, like pop3,
>smtp, ect.)
>
>I have my machine set up so that it can not be = reached from the
>internet with telnet, but did leave other = procols untouched. To
>compromis for this i installed the use of = one-time-use password, for
>certain users. You can check 'man skey' for = this.
>
>--
>Best regards,
> = Alfatrion &nb= sp; &nb= sp; mailto:alfatrion@cybertron= .tmfweb.nl
>
>
>To Unsubscribe: send mail to = majordomo@FreeBSD.org
>with "unsubscribe freebsd-questions" = in the body of the message
>
>

Best regards,
Jack L. Stone,
Server Admin

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D
Sage-American
http://www.sage-american.com
jacks@sage-american.com

"My center is giving way, my right is in = retreat;
....situation excellent! ....I shall = attack!"
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D

To Unsubscribe: send mail to = majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in = the body of the message

------_=_NextPart_001_01C1A27E.AF66E660-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message