nanog mailing list archives
Re: IT security people sleep well
From: "Alexei Roudnev" <alex () relcom net>
Date: Thu, 3 Jun 2004 23:23:15 -0700
This is very bad - they have SSH in extended versions, why did not they included it into all versions, where it was possible without running out of flash memory. Through, it is not so unsecured - in most cases people restricts access to a few IP sources, which are located on the internal network, or even allows only console access; but anyway, not a good thing. They could (at least) allow changing telnet port
On Thu, 03 Jun 2004 13:16:44 PDT, Eric Kuhnke <eric () fnordsystems com>
said:
The part about Telnet is truly scary... Among people who have
"clue",
the biggest reason I have heard to continue running ssh1 is for emergency access via hand-held smartphones or other pocket sized devices. The Handspring Treo 180 and similar keyboarded cellphone-pda devices don't have the CPU power necessary for a SSH2 key exchange, unless I'm drastically mistaken about the FPU abilities of a 33 MHz Motorola Dragonball...Cisco 26xx, 36xx routers at least, current 12.3 IOS, no ssh support in the basic loads that I can find. Telnet is the only way in other than the console port.
Current thread:
- IT security people sleep well Sean Donelan (Jun 02)
- Re: IT security people sleep well Crist Clark (Jun 03)
- Re: IT security people sleep well Mike Lewinski (Jun 03)
- Re: IT security people sleep well Eric Kuhnke (Jun 03)
- Re: IT security people sleep well Valdis . Kletnieks (Jun 03)
- Re: IT security people sleep well Daniel Senie (Jun 03)
- Re: IT security people sleep well Alexei Roudnev (Jun 03)
- Re: IT security people sleep well Edward B. Dreger (Jun 04)
- Re: IT security people sleep well Daniel Corbe (Jun 07)
- Re: IT security people sleep well Rafi Sadowsky (Jun 07)
- Re: IT security people sleep well Crist Clark (Jun 03)
- Re: IT security people sleep well Jeff Shultz (Jun 03)
- Re: IT security people sleep well Edward B. Dreger (Jun 04)
- Re: IT security people sleep well Jonathan Nichols (Jun 03)
- RE: IT security people sleep well John Ferriby (Jun 03)
- Re: IT security people sleep well Jonathan Nichols (Jun 03)
- Re: IT security people sleep well John Kinsella (Jun 03)
- Re: IT security people sleep well Joel Jaeggli (Jun 04)