Re: telnet vs ssl
On Mon, Jul 17, 2000 at 02:09:03PM -0400, Ethan Pierce wrote
> Hi, im wondering about the security of telnet - people say its really
> unsecure...does this mean that someone would need to be running a network
> sniffer on my ip to catch the data?
>
> I telnet to my ISP from work, (only telnet available) then run SSH from
> ISP shell to home machine....is this just as insecure as a straight
> connection via telnet right to my home machine?
>
Maybe, it depends how your data gets from work to your ISP.
If you're dialling up your ISP from work it's not so bad,
because only machines on your ISP's net can see the traffic from
your telnet session; if you're telnetting from your corporate
LAN across the Internet to your ISP then it's no better than
using Telnet alone.
You don't need an SSH server to use SSH from your workplace:
there are at least a couple of free Windows terminal programs
(teraterm pro and putty) that can use SSH, and you could
probably run them off a floppy. Of course, your workplace may
be paranoid about you using or installing unauthorised software,
in which case you should try to persuade them to authorise one
of these (if they are across the security issues it shouldn't be
a problem, provided they don't mind you using your home machine
on work time).
HTH,
John P.
--
huiac@camtech.net.au
john@huiac.apana.org.au
http://www.mdt.net.au/~john Debian Linux admin & support:technical services
Reply to: