From owner-freebsd-questions  Sat Mar 23  0: 6:21 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from russian-caravan.cloud9.net (russian-caravan.cloud9.net [168.100.1.4])
	by hub.freebsd.org (Postfix) with ESMTP id 90B9137B404
	for <FreeBSD-questions@FreeBSD.ORG>; Sat, 23 Mar 2002 00:06:17 -0800 (PST)
Received: from earl-grey.cloud9.net (earl-grey.cloud9.net [168.100.1.1])
	by russian-caravan.cloud9.net (Postfix) with ESMTP
	id 192CE28B1B; Sat, 23 Mar 2002 03:06:17 -0500 (EST)
Date: Sat, 23 Mar 2002 03:06:17 -0500 (EST)
From: Peter Leftwich <Hostmaster@Video2Video.Com>
X-X-Sender:  <pete@earl-grey.cloud9.net>
To: Charles Burns <burnscharlesn@hotmail.com>
Cc: <shovey@buffnet.net>, <csfbsd@raggedclown.net>,
	FreeBSD Questions <FreeBSD-questions@FreeBSD.ORG>
Subject: Re: So long and thanks for all the fish [telnet vs ssh]
In-Reply-To: <F61GQUEYvZmDvHbYxPo0000a6bd@hotmail.com>
Message-ID: <20020323025138.G59417-100000@earl-grey.cloud9.net>
Organization: Video2Video Services - http://Www.Video2Video.Com
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

On Sat, 23 Mar 2002, Charles Burns wrote: [snip]
> Thinking about it, are there really any compelling reasons to use SSH for
> most tasks (like command shells) when the likelyhood of being packet sniffed
> is (in most environments) far lower than the likelyhood of a serious
> security flaw popping up in SSH, which happens occasionally? Other than one
> recent bug, Telnet has a better record and is likely to have less holes
> found down the road because it is so much simpler (and FAR easier to setup
> properly!)

PreScript: I saw an entry in /etc/services for "telnets" - what's that?

With security, people will talk of "in principle."  I can assure you,
though, that best practices are to use a moderate level of security.

Two or three years ago, this avid learner learned the embarrassed way that
passwords in the work environment are easilly sniffed.  You see, I used to
use plain old telnet (port 23/tcp) to check my email on a Unix box; Then
one day, Ben G., almighty cracker and hacker extraordinaire came by my cube
and told me my password.  I quickly ran the "passwd" command and changed my
password to "BenS\/ksAs$" or something of the sort, which prompted him to
peramble by again and smile at me about the new password (I finally changed
the password when I got home because I didn't know enough about ssh and
s/key).

Long story short.  Workplaces that use *hubs* for their LAN are icky and
promiscuous.  They pimp out your ehternet adapter ("NIC").  Workplaces that
use *switches* are loverly.  Security is your buhhhhh-dee.

--
Peter Leftwich
President & Founder
Video2Video Services
Box 13692, La Jolla, CA, 92039 USA
+1-413-403-9555


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message