From owner-freebsd-security Fri Aug 17 14: 4:36 2001 Delivered-To: freebsd-security@freebsd.org Received: from cithaeron.argolis.org (bgm-24-169-175-136.stny.rr.com [24.169.175.136]) by hub.freebsd.org (Postfix) with ESMTP id 1ACAA37B406 for ; Fri, 17 Aug 2001 14:04:21 -0700 (PDT) (envelope-from piechota@argolis.org) Received: from localhost (piechota@localhost) by cithaeron.argolis.org (8.11.4/8.11.4) with ESMTP id f7HL45T05034; Fri, 17 Aug 2001 17:04:05 -0400 (EDT) (envelope-from piechota@argolis.org) X-Authentication-Warning: cithaeron.argolis.org: piechota owned process doing -bs Date: Fri, 17 Aug 2001 17:04:04 -0400 (EDT) From: Matt Piechota To: "Carroll, D. (Danny)" Cc: Subject: RE: Silly crackers... NT is for kids... In-Reply-To: <98829DC07ECECD47893074C4D525EFC311561F@citsnl007.europe.intranet> Message-ID: <20010817165323.F4969-100000@cithaeron.argolis.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, 17 Aug 2001, Carroll, D. (Danny) wrote: > Even for authentication? > > I can understand using a telnet client to manually test SMTP servers or > other protocols, but I cannot understand why you *need* telnet. > Mind you I am against using pop3 as well, unless it's encrypted. Example 1: You're on an internal heavily firewalled corporate LAN, where none of your information is hidden between employees. So you don't care, and you don't have to worry about installing ssh on every PC's desktop, and teaching cluon-deprived people to use it. Example 2: You're running realtime applications, or applications that need all available processing power for performance reasons. The extra overhead of encrypting and decrypting the ssh traffic may drop your performance. Let's not forget that until the recently done work of the OpenSSH team, you couldn't use SSH in a commercial environment with out paying for it. And besides, sniffing passwords isn't that terribly easy if you're using switched Ethernet anyways. As an experiment, I've tried to sniff passwords here (Falls under Example 1: we telnet everywhere, and even allow root to telnet and ftp in), I've never gotten one unless it was from the box I was running the sniffer from. I'll agree that these aren't all that typical, but they do exist. -- Matt Piechota Finger piechota@emailempire.com for PGP key AOL IM: cithaeron To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message