Date: Mon, 21 Jan 2002 17:04:14 -0500 From: "Doug Reynolds" <mav@wastegate.net> To: "FBSD Questions" <questions@FreeBSD.ORG>, "Joe & Fhe Barbish" <barbish@a1poweruser.com> Subject: Re: telnet/ftp security Message-ID: <20020121220224.DFDF44844F@wastegate.net> In-Reply-To: <LPBBIGIAAKKEOEJOLEGOIEBFCNAA.barbish@a1poweruser.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 19 Jan 2002 11:08:57 -0500, Joe & Fhe Barbish wrote: >I have telnet & FTP ID/PW access to my FBSD gateway/ipfw >box from the internet. Are there any security holes in >these two applications that would allow breaking into my system? I dont think there is any "security hole" in the daemon themselves, at least, no one has discovered anything as of yet. however, both are unsecure, and transmit plain text passwords over the internet. any one snooping (although unlikely) can get your password / user id. I would kill telnet, and run ssh. there is also a secure ftp protocol available in the ports, but it looks like a major kludge instead of a good fix, at least to me --- doug reynolds | the maverick | mav@wastegate.net PGP Public Key Fingerprint: 6E7B 9993 B503 6D45 E33A 2019 26E5 C1DB To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020121220224.DFDF44844F>