Re: SSH or Telnet?
From: Benjamin Krueger (benjamin@macguire.net)
Date: 03/30/02
- Next message: Willie Viljoen: "Re: using ssh to run remote commands? [ssh -T, scp/ssh flags]"
- Previous message: Chris BeHanna: "Re: SSH or Telnet?"
- In reply to: Chris BeHanna: "Re: SSH or Telnet?"
- Next in thread: Jason Stone: "Re: SSH or Telnet?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 29 Mar 2002 19:55:29 -0800 From: Benjamin Krueger <benjamin@macguire.net> To: Chris BeHanna <behanna@zbzoom.net>
* Chris BeHanna (behanna@zbzoom.net) [020329 19:05]:
> On Fri, 29 Mar 2002 ark@eltex.ru wrote:
>
> > -----BEGIN PGP SIGNED MESSAGE-----
> >
> > What's wrong with telnet? I use it frequently and i am pretty satisified with
> > it.
> >
> > (I don't need to encrypt sessions, there is no sensitive information inside.
> > Don't tell me about cleartext passwords, there are no cleartext passwords.
>
> Have a look at ethereal or dsniff. You will be surprised.
>
> > And if you really need encryption you may run telnet over ipsec)
>
> IPsec is a VPN solution. If someone in the LAN to which you're
> VPN-ing is running a sniffer, then what?
>
> --
> Chris BeHanna
> Software Engineer (Remove "bogus" before responding.)
> behanna@bogus.zbzoom.net
> I was raised by a pack of wild corn dogs.
Our unsuspecting user logs in to the nameserver to update the pornserve.domain.com
zone record for the new porn server (yay!).
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
roo@rain:~> telnet fog
Trying 10.0.0.50...
Connected to fog.DOMAIN.
Escape character is '^]'.
HP-UX fog B.11.00 A 9000/712 (t0)
login:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
MEANWHILE, IN THE CAVE OF EVILDOERS!
Joe Deluer, Evil Hax0r Extrodinaire, listens closely on an upstream link...
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
dsniff: listening on fxp0
dsniff: trigger_tcp: decoding port 23 as telnet
-----------------
03/29/02 19:42:33 tcp rain.macguire.net.1392 -> fog.macguire.net.23 (telnet)
roo
test123
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Ah Ha!", says Joe, "I will 0wn j00 my pretty and your delicious pr0n too!".
--- "... there are no cleartext passwords." DESCRIPTION dsniff is a password sniffer which handles FTP, Telnet, SMTP, HTTP, POP, poppass, NNTP, IMAP, SNMP, LDAP, Rlogin, RIP, OSPF, PPTP MS-CHAP, NFS, VRRP, YP/NIS, SOCKS, X11, CVS, IRC, AIM, ICQ, Napster, PostgreSQL, Meeting Maker, Citrix ICA, Symantec pcAnywhere, NAI Sniffer, Microsoft SMB, Oracle SQL*Net, Sybase and Microsoft SQL protocols. -- Benjamin Krueger "Life is far too important a thing ever to talk seriously about." - Oscar Wilde (1854 - 1900) ---------------------------------------------------------------- Send mail w/ subject 'send public key' or query for (0x251A4B18) Fingerprint = A642 F299 C1C1 C828 F186 A851 CFF0 7711 251A 4B18 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
- Next message: Willie Viljoen: "Re: using ssh to run remote commands? [ssh -T, scp/ssh flags]"
- Previous message: Chris BeHanna: "Re: SSH or Telnet?"
- In reply to: Chris BeHanna: "Re: SSH or Telnet?"
- Next in thread: Jason Stone: "Re: SSH or Telnet?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
