Firewalls: Re: Plain-text passwords

Firewalls
(November 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Plain-text passwords
From:	Todd Graham Lewis <lists @ reflections . mindspring . com>
Date:	Fri, 8 Nov 1996 13:30:37 -0500 (EST)
To:	Craig Brozefsky <cosmo @ ebs . net>
Cc:	firewalls @ GreatCircle . COM
In-reply-to:	<Pine . LNX . 3 . 91 . 961108110641 . 27960C-100000 @ gilligan . ebs . net>

On Fri, 8 Nov 1996, Craig Brozefsky wrote:

> deslogin is pretty good to, and unlike S/Key or SSH, I know of noone who 
> has found methods to attack it succesfully.

Cool; I'll look into it.

> Make sure you are using Kerb5 at least, although reportedly there are 
> exploits for Kerb5.  Kerb4 should be considered broken IMO.

Definitely.  If you use kerberos, be sure to get the latest beta of 
version 5 from MIT.  Most vendors' stock versions are still v4 (groan), 
not that we'd run vendor versions of important software anyway.  (Anyone 
out there running stock sendmail on a solaris box?  8^)

> What context would you be using it in?

What context would you be asking that question in?  8^)

Same as ssh; secure access to server and other machines, with all the 
bells and whistles that kerberos gives you.

__
Todd Graham Lewis             Linux!                 Core Engineering
Mindspring Enterprises  tlewis @
 mindspring .
 com   (800) 719 4664, x2804

Follow-Ups:

Re: Plain-text passwords
From: Craig Brozefsky <cosmo @ ebs . net>

References:

Re: Plain-text passwords
From: Craig Brozefsky <cosmo @ ebs . net>

Indexed By Date	Previous:	Re: firewall-1's problem From: "Conrad Minor" <minorc @ reston . ans . net>
Indexed By Date	Next:	Re: firewall-1's problem From: "Paul D. Robertson" <proberts @ clark . net>
Indexed By Thread	Previous:	Re: Plain-text passwords From: Craig Brozefsky <cosmo @ ebs . net>
Indexed By Thread	Next:	Re: Plain-text passwords From: Craig Brozefsky <cosmo @ ebs . net>