RE: [cobalt-security] re: Telnet security

[Fred <journal@xxxxxxx>]

Hello Adam

I agree with you

A neophyte qestion please (I have Raq3 )
How do you configure ssh2 on a on a non-standard listening port ?

Do it  with interface ? or in shell ? Which commands ? (complete list
please)

May this not

Frederic
"First step in security"

> SSH1 logins can also be sniffed and cracked in a switched environment, use
> SSH2 on a non-standard listening port

> Adam

> *********** REPLY SEPARATOR  ***********

> On 25/04/2001 at 15:41 Reinoud van Leeuwen wrote:

>>> Reinoud van Leeuwen wrote:
>>> > If you login through *telnet* over a public network, you
>>> have a lot to worry
>>> > about! Telnet is so insecure, people can just sniff your
>>> password to get
>>> > into your box... (no hacking needed)
>>>
>>> Which people are those who can sniff your password?  Network
>>> administrators
>>> and such, but how does an 'ordinary' user watch theinternet
>>> promiscuously?
>>
>>Anyone on the same LAN segment (it does not matter whether it is switched
>>or
>>not*) can sniff your traffic. So unless you control all the links between
>>your workstation and the server you log in, you cannot be sure that you
>>are
>>not sniffed. This is usually the case in normal office environments, or
>>people that connect through an ISP to their servers.
>>If your workstation is on a dedicated management LAN, were you can trust
>>all
>>the hosts (and you are 100% sure that they are not 0wn3d), it is another
>>case.
>>
>>* it is not very hard for a hacker to put a switch in a broadcastnig
>>device
>>mode, so switching does not increase security on this point
>>_______________________________________________
>>cobalt-security mailing list
>>cobalt-security@xxxxxxxxxxxxxxx
>>http://list.cobalt.com/mailman/listinfo/cobalt-security

> x

> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security