From owner-freebsd-security Fri Mar 29 19:55:50 2002 Delivered-To: freebsd-security@freebsd.org Received: from rain.macguire.net (sense-sea-MegaSub-1-125.oz.net [216.39.144.125]) by hub.freebsd.org (Postfix) with ESMTP id 4E9B237B405; Fri, 29 Mar 2002 19:55:40 -0800 (PST) Received: (from roo@localhost) by rain.macguire.net (8.11.6/8.11.6) id g2U3tTe08896; Fri, 29 Mar 2002 19:55:29 -0800 (PST) (envelope-from roo) Date: Fri, 29 Mar 2002 19:55:29 -0800 From: Benjamin Krueger To: Chris BeHanna Cc: FreeBSD Security , freebsd-chat@freebsd.org Subject: Re: SSH or Telnet? Message-ID: <20020329195529.B7895@rain.macguire.net> References: <200203291145.OAA03776@paranoid.eltex.ru> <20020329220256.N38382-100000@topperwein.dyndns.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20020329220256.N38382-100000@topperwein.dyndns.org>; from behanna@zbzoom.net on Fri, Mar 29, 2002 at 10:04:43PM -0500 X-PGP-Key: http://www.macguire.net/benjamin/public_key.asc Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org * Chris BeHanna (behanna@zbzoom.net) [020329 19:05]: > On Fri, 29 Mar 2002 ark@eltex.ru wrote: > > > -----BEGIN PGP SIGNED MESSAGE----- > > > > What's wrong with telnet? I use it frequently and i am pretty satisified with > > it. > > > > (I don't need to encrypt sessions, there is no sensitive information inside. > > Don't tell me about cleartext passwords, there are no cleartext passwords. > > Have a look at ethereal or dsniff. You will be surprised. > > > And if you really need encryption you may run telnet over ipsec) > > IPsec is a VPN solution. If someone in the LAN to which you're > VPN-ing is running a sniffer, then what? > > -- > Chris BeHanna > Software Engineer (Remove "bogus" before responding.) > behanna@bogus.zbzoom.net > I was raised by a pack of wild corn dogs. Our unsuspecting user logs in to the nameserver to update the pornserve.domain.com zone record for the new porn server (yay!). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ roo@rain:~> telnet fog Trying 10.0.0.50... Connected to fog.DOMAIN. Escape character is '^]'. HP-UX fog B.11.00 A 9000/712 (t0) login: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ MEANWHILE, IN THE CAVE OF EVILDOERS! Joe Deluer, Evil Hax0r Extrodinaire, listens closely on an upstream link... ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ dsniff: listening on fxp0 dsniff: trigger_tcp: decoding port 23 as telnet ----------------- 03/29/02 19:42:33 tcp rain.macguire.net.1392 -> fog.macguire.net.23 (telnet) roo test123 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Ah Ha!", says Joe, "I will 0wn j00 my pretty and your delicious pr0n too!". --- "... there are no cleartext passwords." DESCRIPTION dsniff is a password sniffer which handles FTP, Telnet, SMTP, HTTP, POP, poppass, NNTP, IMAP, SNMP, LDAP, Rlogin, RIP, OSPF, PPTP MS-CHAP, NFS, VRRP, YP/NIS, SOCKS, X11, CVS, IRC, AIM, ICQ, Napster, PostgreSQL, Meeting Maker, Citrix ICA, Symantec pcAnywhere, NAI Sniffer, Microsoft SMB, Oracle SQL*Net, Sybase and Microsoft SQL protocols. -- Benjamin Krueger "Life is far too important a thing ever to talk seriously about." - Oscar Wilde (1854 - 1900) ---------------------------------------------------------------- Send mail w/ subject 'send public key' or query for (0x251A4B18) Fingerprint = A642 F299 C1C1 C828 F186 A851 CFF0 7711 251A 4B18 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message