[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-security] re: Telnet security
- Subject: RE: [cobalt-security] re: Telnet security
- From: Fred <journal@xxxxxxx>
- Date: Wed, 25 Apr 2001 18:47:49 +0200
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hello Adam
I agree with you
A neophyte qestion please (I have Raq3 )
How do you configure ssh2 on a on a non-standard listening port ?
Do it with interface ? or in shell ? Which commands ? (complete list
please)
May this not
Frederic
"First step in security"
> SSH1 logins can also be sniffed and cracked in a switched environment, use
> SSH2 on a non-standard listening port
> Adam
> *********** REPLY SEPARATOR ***********
> On 25/04/2001 at 15:41 Reinoud van Leeuwen wrote:
>>> Reinoud van Leeuwen wrote:
>>> > If you login through *telnet* over a public network, you
>>> have a lot to worry
>>> > about! Telnet is so insecure, people can just sniff your
>>> password to get
>>> > into your box... (no hacking needed)
>>>
>>> Which people are those who can sniff your password? Network
>>> administrators
>>> and such, but how does an 'ordinary' user watch theinternet
>>> promiscuously?
>>
>>Anyone on the same LAN segment (it does not matter whether it is switched
>>or
>>not*) can sniff your traffic. So unless you control all the links between
>>your workstation and the server you log in, you cannot be sure that you
>>are
>>not sniffed. This is usually the case in normal office environments, or
>>people that connect through an ISP to their servers.
>>If your workstation is on a dedicated management LAN, were you can trust
>>all
>>the hosts (and you are 100% sure that they are not 0wn3d), it is another
>>case.
>>
>>* it is not very hard for a hacker to put a switch in a broadcastnig
>>device
>>mode, so switching does not increase security on this point
>>_______________________________________________
>>cobalt-security mailing list
>>cobalt-security@xxxxxxxxxxxxxxx
>>http://list.cobalt.com/mailman/listinfo/cobalt-security
> x
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security