Firewall Wizards mailing list archives

RE: What's the deal with SSH? (was: PIX software release 5.2)

From: Carson Gaspar <carson () gnac com>
Date: Fri, 22 Sep 2000 15:32:06 -0700

--On Wednesday, September 20, 2000 8:55 PM -0500 shewitt () cdw com wrote:

Pardon my ignorance with this, but what's the big deal about using
something like SecureCRT?  That's basically a secure telnet, right?  I do
all my configuring of my PIXen from the inside interface, and I'm on a
almost completely switched network.  So, I'm not too concerned about
somebody sniffing my telnet session.  Do you use SSH to protect against
people sniffing on local segments, or is the concern when going across the
internet?  Also, I only enable telnet on the inside interface, so I don't
even worry about people connecting from the outside interface.   Could
somebody please shed some light on this?

If you don't worry about cleartext passwords flying about your internalnetwork, you either have a rather small internal network, or are amazinglynaive. Cleartext passwords are insecure. Period.


--
Carson Gaspar -- carson () certaintysolutions com
Security Architect -- Certainty Solutions, Inc.


_______________________________________________
Firewall-wizards mailing list
Firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards

Current thread:

RE: What's the deal with SSH? (was: PIX software release 5.2) shewitt (Sep 22)
- RE: What's the deal with SSH? (was: PIX software release 5.2) Carson Gaspar (Sep 22)
- <Possible follow-ups>
- RE: What's the deal with SSH? (was: PIX software release 5.2) sean . kelly (Sep 25)
  - RE: What's the deal with SSH? (was: PIX software release 5.2) Robert Purdy (Sep 26)