[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-security] re: Telnet security
- Subject: RE: [cobalt-security] re: Telnet security
- From: "Adam Sculthorpe" <sculthorpe@xxxxxxxxxxxxx>
- Date: Wed, 25 Apr 2001 15:15:56 +0100
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
SSH1 logins can also be sniffed and cracked in a switched environment, use SSH2 on a non-standard listening port
Adam
*********** REPLY SEPARATOR ***********
On 25/04/2001 at 15:41 Reinoud van Leeuwen wrote:
>> Reinoud van Leeuwen wrote:
>> > If you login through *telnet* over a public network, you
>> have a lot to worry
>> > about! Telnet is so insecure, people can just sniff your
>> password to get
>> > into your box... (no hacking needed)
>>
>> Which people are those who can sniff your password? Network
>> administrators
>> and such, but how does an 'ordinary' user watch theinternet
>> promiscuously?
>
>Anyone on the same LAN segment (it does not matter whether it is switched
>or
>not*) can sniff your traffic. So unless you control all the links between
>your workstation and the server you log in, you cannot be sure that you are
>not sniffed. This is usually the case in normal office environments, or
>people that connect through an ISP to their servers.
>If your workstation is on a dedicated management LAN, were you can trust
>all
>the hosts (and you are 100% sure that they are not 0wn3d), it is another
>case.
>
>* it is not very hard for a hacker to put a switch in a broadcastnig device
>mode, so switching does not increase security on this point
>_______________________________________________
>cobalt-security mailing list
>cobalt-security@xxxxxxxxxxxxxxx
>http://list.cobalt.com/mailman/listinfo/cobalt-security
x