Great Circle Associates Firewalls
(November 1996)
 


Subject: Re: Plain-text passwords
From: Damien Miller <dmiller @ vitnet . com . sg>
Date: Fri, 8 Nov 1996 11:37:12 +1100 (EST)
To: Lawrence Beobachter <larry @ spmu . runnet . ru>
Cc: firewalls @ GreatCircle . COM
In-reply-to: <3281B879 . 4191 @ spmu . runnet . ru>

-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 7 Nov 1996, Lawrence Beobachter wrote:

> Hello!
>
> I tried tcpdump on FreeBSD and it turned out that login information
> during telnet sessions as well as USER and PASS info sent by pop-client
> are both xmitted in plain text <shudder>.
> Is there any solution besides S/Key (please, include pointers) to
> block this don't-know-how-to-call-it hole?

Have a look at SSLeay and SSLtelnet. SSL is an excellent freeware
implementation of Netscape's SSL (Secure Socket Layer) encryption
standard. SSL telnet is a patched version of telnet and telnetd which can
use SSL.

I have SSL telnet configured on our firewall machine to reject all
non-encrypted telnet connections.

You can get clients for Windows and unix. There are also freely available
SSLftp and an SSL version of apache.

ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL             (SSL library)
ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps         (SSL apps)

Regards,
Damien Miller

| Damien Miller -
| Email: dmiller @ vitnet . com . sg (PGP and MIME ok)
| WWW: http://www.vitnet.com.sg/dmiller
| PGP public key: send me an email with "send file pgp_key" as the subject

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

-----END PGP SIGNATURE-----
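
Added example, not part of the original message and not code from SSLeay or SSLtelnet: a small audit helper that classifies the first bytes a client sends and applies an "encrypted connections only" policy like the one described above. The function names and the sample byte strings are constructed for illustration.

```python
import re

# POP3 sends credentials as "USER name" / "PASS secret" lines (RFC 1939).
POP3_CRED = re.compile(rb"^(USER|PASS) +\S+", re.IGNORECASE | re.MULTILINE)
ENCRYPTED = ("tls-handshake", "sslv2-client-hello")

def classify_client_bytes(data: bytes) -> str:
    """Classify the first bytes a client sends on a new connection."""
    # SSLv3/TLS record header: content type 22 (handshake), major version 3.
    if len(data) >= 3 and data[0] == 0x16 and data[1] == 0x03:
        return "tls-handshake"
    # Telnet option negotiation starts with IAC (0xFF) and is unencrypted.
    if data[:1] == b"\xff":
        return "cleartext-telnet"
    # SSLv2 CLIENT-HELLO: 2-byte length with high bit set, message type 1,
    # then a version whose first byte is 0x00 (SSLv2) or 0x03 (SSLv3/TLS).
    if (len(data) >= 5 and (data[0] & 0x80) and data[2] == 0x01
            and data[3] in (0x00, 0x03)):
        return "sslv2-client-hello"
    if POP3_CRED.search(data):
        return "cleartext-credentials"
    return "cleartext"

def audit(sessions):
    """Return (label, kind, verdict); anything not SSL/TLS is rejected."""
    report = []
    for label, data in sessions:
        kind = classify_client_bytes(data)
        verdict = "accept" if kind in ENCRYPTED else "reject"
        report.append((label, kind, verdict))
    return report

# Constructed sample payloads (not taken from any real capture).
SAMPLES = [
    ("pop3-plain", b"USER alice\r\nPASS example-secret\r\n"),
    ("telnet-plain", b"\xff\xfd\x01\xff\xfd\x03"),
    ("tls-hello", b"\x16\x03\x01\x00\x2f\x01\x00\x00\x2b\x03\x01"),
    ("sslv2-hello", b"\x80\x2e\x01\x00\x02\x00\x15\x00\x00\x00\x10"),
]

if __name__ == "__main__":
    for label, kind, verdict in audit(SAMPLES):
        print(f"{label:13} {kind:22} {verdict}")
```

The report carries only the classification, never the matched USER/PASS text, so the audit output itself does not become another copy of the credentials.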


