Re: Localhost connection refused
- To: tlug@example.com
- Subject: Re: Localhost connection refused
- From: Jonathan Q <jq@example.com>
- Date: Mon, 9 Jul 2001 01:40:40 +0900
- In-Reply-To: <5.0.2.1.0.20010707120334.00b23be8@example.com>; from scottro@example.com on Sat, Jul 07, 2001 at 12:05:10PM -0400
- References: <01070813232100.08656@example.com> <008001c10778$bb349560$9455fea9@example.com> <5.0.2.1.0.20010707120334.00b23be8@example.com>
I have to take serious issue with this.

Scott (scottro@example.com) wrote:
> on 15:39 2001/07/08 +0900, Glenn Evanish wrote
>
> I'm going to modestly recommend mine :)

Modesty is certainly called for. Telling people that telnet is not a security problem is a real disservice and quite inaccurate. Telling people how to enable telnet is also a disservice. You state:

-----
A quick interjection on ssh here--many people say, telnet is insecure, use ssh instead. Although ssh encrypts user names and passwords, those who know a lot about these things tell me that it doesn't offer a great deal more security than telnet. So, if you have ssh running, don't sit back and be sure that you're secure.
----

Would you like to explain to us all how sending an encrypted session is not worlds more secure than sending a complete clear-text session, password and userid included?

To state that ssh doesn't offer a great deal more security than telnet is just plain false. Putting up a page that states that is irresponsible, at best. SSH is *much* more secure than telnet. If you think you can explain how an encrypted session is not far more secure than a cleartext session, please go ahead. Perhaps you're in the habit of sending your credit card numbers to non-SSL sites?

POPping to the same box, or any box where you have the same userid and password. If the network is end-to-end switched, this is less of a concern (since the attacker would have to compromise the destination box or a router in the destination network); if it's not switched, any box on the target LAN will do. However, the fact that POP is both insecure and widespread is NOT an argument to reduce security even further by using telnet.

SSH also doesn't protect you from a luser being stupid and using an easily brute-forced password, but if a proper password is used, anyone who intercepts an ssh session is going to spend a *long* time trying to decrypt it. Since most crackers have neither a Cray nor a Beowulf cluster in the garage, SSH makes you pretty safe.

A properly secure installer for <insert OS of your choice here> would not even include telnet. It would force you to do it manually after the fact if you really wanted it.

I hope you'll remove that page entirely. It's a disservice to *nix beginners. If you don't, at least please make it accurate WRT the relative security of telnet and ssh, and include a warning that the reader should *not* enable telnet, but if s/he is bound and determined to do it against all better judgement, here's how.

Regards,
Jonathan
--
There is Bag of Modul in the router
- Follow-Ups:
- Re: Localhost connection refused
- From: Scott <scottro@example.com>
- References:
- Localhost connection refused
- From: John De Hoog <dehoog@example.com>
- Re: Localhost connection refused
- From: "Glenn Evanish" <glenn@example.com>
- Re: Localhost connection refused
- From: Scott <scottro@example.com>