On Thu, 7 Nov 1996, Jonathan M. Bresler wrote:
>
> >I tried tcpdump on FreeBSD and it turned out that login information
> >during telnet sessions as well as USER and PASS info sent by pop-client
> >are both xmitted in plain text <shudder>.
>
> Please realize that this is true of all internet applications
> that do not use encryption. (telnet, ftp, pop, X11, there are so
> many to chose from ;)
Yup. Everything. All of it, from top to bottom. Everyone and their
uncle should understand this fact and what it means.
> >Is there any solution besides S/Key (please, include pointers) to
> >block this don't-know-how-to-call-it hole.
>
> skey provides a one-time passwd, but does not provide encryption.
> take a look at ssh for one way of dealing with this problem.
SSH is nice, but unless you fork out $500 (or whatever datafellows is
charging this week) for a license for RSA, it is illegal to use in a
commercial context.
We are moving to Kerberos, and I for one love it. ftp://athena-dist.mit.
edu/pub/kerberos/README for instructions on how to get it.
__
Todd Graham Lewis Linux! Core Engineering
Mindspring Enterprises tlewis @
mindspring .
com (800) 719 4664, x2804
Follow-Ups:
References:
|
|
