Confusion.. For those who didnt see the first message. I said telnet is usefull, and try telnet over ssl.
> Therefore, DON'T RUN ANYTHING INSECURE. If you don't believe that giving > away login passwords UNENCRYPTED over the network is INSECURE, then I > can't help you on that. :) This and all your email comment can be answered on telnet over ssl. - Louie ----- Original Message ----- From: "Dean Michael Berris" <[EMAIL PROTECTED]> To: "Philippine Linux Users Group Mailing List" <[EMAIL PROTECTED]> Sent: Monday, September 15, 2003 9:42 PM Subject: Re: [plug] Telnet Problem > Hi Louie, > > #define IFF "if and only if" > > On Mon, 2003-09-15 at 16:26, Louie Miranda wrote: > > What crap?.. "telnet has no place in a secure network"? oh.. Pati ssh. > > IFF I were a Sysad trusted to secure a network and an overall system, I > would NOT DARE allow ANY point of compromise on ANY of the hosts I am in > charge of. IFF I were to secure something, I would do it with a paranoid > mindset, and not let anything pass me by. > > > Even remote shell (SSHd) tool can be compromised ;). Its a fact. In time may > > ANYTHING CAN be compromised. It's just a matter of letting others > compromise hosts you control or hosts you have jurisdiction over. > Security is something that should not be taken lightly, because a lot of > things rest on the competency and integrity of the system and the > administrators -- like sensitive business information, and data CRUCIAL > to the operation of an institution. > > We're not discounting the possibility of ANYTHING being compromised. > However, it wouldn't be wise to play with fire in a room full of rugs. > By allowing others to use an insecure tool, an insecure protocol, and an > insecure system, you are then exposing your whose system therefore > compromising the very integrity that is crucial on systems that need to > be secured. Letting others give away their password and commands IN > PLAIN TEXT on the local (or public) network is simply stupid. > > That's the point being made, and since the ssh protocol has measures > guarding against these, you would sleep better at night as an > administrator IFF you care about exhausting the available means and > maximizing the security measures available to you as you setup and > operate with the system you are administering. > > Even on your own box, if you don't care about people knowing what you > have on your box and possibly use it to mount attacks on others, then > fine go ahead and put all the insecure stuff you want in there. > Otherwise, you might as well take the measures you could and should to > be able to secure YOUR box, right? > > > darating > > na exploit for it, we all know that. > > > > At least we'll be prepared, and for now we'll be enjoying the security > being offered by the available technologies. > > > Go all the way? You're just going to install it, bat naman "circumcision"?. > > > > Lets say you install it. So kung inde mo gagamitin bakit mo ininstall? > What's the point? > > > Kaya nga, secure ur network always, etc. Be wise sa security.. lahat nang > > topics about security.. > > > > Therefore, DON'T RUN ANYTHING INSECURE. If you don't believe that giving > away login passwords UNENCRYPTED over the network is INSECURE, then I > can't help you on that. :) > > > IMO > > Of course, IYO. > > // All meant in good faith, and for the purpose of discussion only. > // No offense meant. SPAM and flames to [EMAIL PROTECTED] > > > - > > Louie > > > > Dean > > > -- > -=[mikhail]=- > <info> > <alias>Dean Michael C. Berris</alias> > <contact> > <phone type=home>+63 49 5680142</phone> > <phone type=mobile>+63 919 8720686</phone> > </contact> > <web type="homepage">http://free.net.ph/Members/mikhailberis</web> > <web type="blog">http://mikhailberis.blogspot.com</web> > <misc id="yahoo_id">mikhailberis</misc> > <misc id="gpg key">08AE6EAC</misc> > </info> > > -----BEGIN GEEK CODE BLOCK----- > Version: 3.12 > GCS d- s:+ a--- C++ UL++ P+ L+++ E- W+ N* o K w-- > O---- M- V-- PS+ PE Y+ PGP++ t+ 5 X+ R+ tv+ b++ DI+ D+ > G e h! r+ y+ > ------END GEEK CODE BLOCK------ > > -- > Philippine Linux Users' Group (PLUG) Mailing List > [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) > Official Website: http://plug.linux.org.ph > Searchable Archives: http://marc.free.net.ph > . > To leave, go to http://lists.q-linux.com/mailman/listinfo/plug > . > Are you a Linux newbie? To join the newbie list, go to > http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
