nanog mailing list archives
Re: telnet vs ssh on Core equipment , looking for reasons why ?
From: "Stephen J. Wilcox" <steve () opaltelecom co uk>
Date: Tue, 31 Jul 2001 15:16:17 +0100 (BST)
true, but i would point out that if its your core equipment that you are accessing from your network that sits directly on the core then you should be happy with the fact that no one is eavesdropping and it makes no difference.not everyone has out-of-band networks for management. Management of devices is sometimes done thousands of miles away. Remember also that this traffic can be sniffed before it gets to the core (yes, ssh is sniffable aswell, but just not as easily, and atleast it's not in plaintext)
this is in-band. if as you say you are accessing from another network then this is where the encryption kicks in being useful, however that raises another question - do you just allow any host to connect providing they can authenticate? i know my login ports are restricted at both network and host level to specific authorized addresses...
so thats my main logic, authentication... i cant understand the big paranoia on people sniffing tho!unfortunately ssh is just as sniffable if it's an arp spoof, but hopefully it's not as easy for the naughty eavesdropper to get into the right position for that....
exactly, its probably easier to hack the box by other means than sniffing auth details! Steve
Current thread:
- Re: Hard data on network impact of the "Code Red" worm?, (continued)
- Re: Hard data on network impact of the "Code Red" worm? Christian Kuhtz (Jul 30)
- Re: Hard data on network impact of the "Code Red" worm? Hank Nussbacher (Jul 30)
- Re: Hard data on network impact of the "Code Red" worm? Valdis . Kletnieks (Jul 30)
- Re: Hard data on network impact of the "Code Red" worm? up (Jul 31)
- Re: Hard data on network impact of the "Code Red" worm? Vijay Gill (Jul 30)
- RE: Hard data on network impact of the "Code Red" worm? Roeland Meyer (Jul 31)
- telnet vs ssh on Core equipment , looking for reasons why ? Mr. James W. Laferriere (Jul 31)
- Re: telnet vs ssh on Core equipment , looking for reasons why ? fingers (Jul 31)
- Re: telnet vs ssh on Core equipment , looking for reasons why ? Stephen J. Wilcox (Jul 31)
- Re: telnet vs ssh on Core equipment , looking for reasons why ? fingers (Jul 31)
- Re: telnet vs ssh on Core equipment , looking for reasons why ? Stephen J. Wilcox (Jul 31)
- Re: telnet vs ssh on Core equipment , looking for reasons why ? alex (Jul 31)
- Re: telnet vs ssh on Core equipment , looking for reasons why ? Greg Maxwell (Jul 31)
- Re: telnet vs ssh on Core equipment , looking for reasons why ? alex (Jul 31)
- Re: telnet vs ssh on Core equipment , looking for reasons why ? Greg Maxwell (Jul 31)
- Re: telnet vs ssh on Core equipment , looking for reasons why ? alex (Jul 31)
- Re: telnet vs ssh on Core equipment , looking for reasons why ? fingers (Jul 31)
- Re: telnet vs ssh on Core equipment , looking for reasons why ? alex (Jul 31)
- Re: telnet vs ssh on Core equipment , looking for reasons why ? Scott Francis (Jul 31)
- telnet vs ssh on Core equipment , looking for reasons why ? Mr. James W. Laferriere (Jul 31)
- Re: telnet vs ssh on Core equipment , looking for reasons why ? fingers (Jul 31)
- RE: telnet vs ssh on Core equipment , looking for reasons why ? Deepak Jain (Jul 31)