Full Disclosure mailing list archives
Re: Re: Re: Re: open telnet port
From: Andrew Farmer <andfarm () teknovis com>
Date: Fri, 10 Sep 2004 14:16:43 -0700
On 10 Sep 2004, at 04:42, ktabic wrote:
> On Thu, 2004-09-09 at 14:39 +0100, Dave Ewart wrote:
>>> How about, as a service to enable as you are updating SSH remotely from the other side of the country to fix the most recent security problem and need a backup system to get into the server in the event that something goes wrong?
>>
>> Given that, in the above description, you're basically advocating that your *only* use of Telnet would be to send the root password across the 'net to troubleshoot SSH :-)
>
> Given that above description, there is no mention of anybody sending anything that even looks like a password over the net in plain text. Of course, most people would be, but not everyone. You are also presuming that the root account even requires logging in, which is also not necessary.
What, are you advocating that we set our root accounts to not require a password to log in?
> There is nothing wrong with plain text at all, in most circumstances. It's just that *everyone* has presumed that passwords that are a) reused for the next session and b) the root one, will be sent in plain text.
As far as I know, there are no current Telnet server implementations that will encrypt login passwords (or other passwords entered during the login session: the user's password for su or sudo, gpg passphrases, ...)
> Of course, if you know you are sending in plain text, you take steps to make sure that nothing critical is transmitted in the first place, which, imho is a better situation than relying totally on the fact you are encrypted, which may or may not be true.
Not plaintext === encrypted. What are you trying to say here?