Security Basics mailing list archives

RE: 3270 Terminal Emulator - Telnet Logins Sniffing

From: "Gibbs, Jason" <Jason.Gibbs () paradigmhealth com>
Date: Mon, 23 Jul 2007 16:27:46 -0400

This is true, Whenever possible try to use SSH or configure the
device/server for SSH. I like to use Putty but feel free to use the SSH
client flavor of the day.
J-

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Jacco
Sent: Friday, July 20, 2007 1:16 PM
To: security-basics () securityfocus com; winsoc
Subject: Re: 3270 Terminal Emulator - Telnet Logins Sniffing

hey, winsoc

all telnet sessions send  plain-text passwords over the network, it is
not a 
secure connection, any type of wireshark / ettercap type sniffer will be

able to intercept your login / passwords

Greetings Jacco"Dash" Rorman

"Ad Astra per Administratio Aspera"

----- Original Message ----- 
From: "winsoc" <winsoc () googlemail com>
To: <security-basics () securityfocus com>
Sent: Thursday, July 19, 2007 3:56 PM
Subject: 3270 Terminal Emulator - Telnet Logins Sniffing

Hey list,



can anyone confirm if 3270 Terminal Emulators which use Telnet to
communicate (tunnel) 3270 sessions, are susceptible to sniffing?

Ie. Is it possible to sniff the logins on that network?



Regards

winsoc




-- 
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.476 / Virus Database: 269.10.10/908 - Release Date:

7/19/2007

6:10 PM

Current thread:

3270 Terminal Emulator - Telnet Logins Sniffing winsoc (Jul 19)
- RE: 3270 Terminal Emulator - Telnet Logins Sniffing Smith, Ryan (Jul 20)
- Re: 3270 Terminal Emulator - Telnet Logins Sniffing Jacco (Jul 23)
  - RE: 3270 Terminal Emulator - Telnet Logins Sniffing Gibbs, Jason (Jul 23)