Re: telnet break-in

To: Debian User List <debian-user@lists.debian.org>
Subject: Re: telnet break-in
From: Ossama Othman <othman@astrosun.tn.cornell.edu>
Date: Tue, 25 Aug 1998 14:14:21 -0400 (EDT)
Message-id: <[🔎] Pine.GSO.4.02.9808251410500.1589-100000@breezy.tn.cornell.edu>
Reply-to: Ossama Othman <othman@astrosun.tn.cornell.edu>
In-reply-to: <[🔎] Pine.LNX.3.96.980825110245.19709A-100000@calvin.shorelink.com>

> > can't use Secure Shell, you might want to try One-Time Password packages,
> > such as OPIE.  I believe that even WU-FTP is starting to support one time
> > passwords, too.
> 
> Uhm, secure shell is not the answer to all problems. It WILL revert to an
> unsecure protocol if the other end can not establish an encrypted session.

The idea is to make sure all machines use Secure Shell.  I know this isn't
always possible, but we don't live in an ideal world.  :)

> Also, it is still just as easy to log in with a cracked password. About
> the only thing it is really great at is making sure that the other machine
> really has permission for a password-less login. Still, even THIS can be
> hacked if someone has gotten onto the machine in the past and snarfed a
> copy of your public ssh key.

Hence the One-Time Password suggestion.  Either way, better to have/use
SSH than use telnet/ftp/r{login,sh,exec}.

-Ossama

Reply to:

Follow-Ups:
- Re: telnet break-in
  - From: George Bonser <grep@shorelink.com>

References:
- Re: telnet break-in
  - From: George Bonser <grep@shorelink.com>

Prev by Date: /var/log cleanout
Next by Date: Help installing Debian on UMSDOS file system?
Previous by thread: Re: telnet break-in
Next by thread: Re: telnet break-in
Index(es):
- Date
- Thread