Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 23 Mar 2002 03:06:17 -0500 (EST)
From:      Peter Leftwich <Hostmaster@Video2Video.Com>
To:        Charles Burns <burnscharlesn@hotmail.com>
Cc:        <shovey@buffnet.net>, <csfbsd@raggedclown.net>, FreeBSD Questions <FreeBSD-questions@FreeBSD.ORG>
Subject:   Re: So long and thanks for all the fish [telnet vs ssh]
Message-ID:  <20020323025138.G59417-100000@earl-grey.cloud9.net>
In-Reply-To: <F61GQUEYvZmDvHbYxPo0000a6bd@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Sat, 23 Mar 2002, Charles Burns wrote: [snip]
> Thinking about it, are there really any compelling reasons to use SSH for
> most tasks (like command shells) when the likelyhood of being packet sniffed
> is (in most environments) far lower than the likelyhood of a serious
> security flaw popping up in SSH, which happens occasionally? Other than one
> recent bug, Telnet has a better record and is likely to have less holes
> found down the road because it is so much simpler (and FAR easier to setup
> properly!)

PreScript: I saw an entry in /etc/services for "telnets" - what's that?

With security, people will talk of "in principle."  I can assure you,
though, that best practices are to use a moderate level of security.

Two or three years ago, this avid learner learned the embarrassed way that
passwords in the work environment are easilly sniffed.  You see, I used to
use plain old telnet (port 23/tcp) to check my email on a Unix box; Then
one day, Ben G., almighty cracker and hacker extraordinaire came by my cube
and told me my password.  I quickly ran the "passwd" command and changed my
password to "BenS\/ksAs$" or something of the sort, which prompted him to
peramble by again and smile at me about the new password (I finally changed
the password when I got home because I didn't know enough about ssh and
s/key).

Long story short.  Workplaces that use *hubs* for their LAN are icky and
promiscuous.  They pimp out your ehternet adapter ("NIC").  Workplaces that
use *switches* are loverly.  Security is your buhhhhh-dee.

--
Peter Leftwich
President & Founder
Video2Video Services
Box 13692, La Jolla, CA, 92039 USA
+1-413-403-9555


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020323025138.G59417-100000>