> with an unknown host. SSH is dependant on a know_host. If information
> about a host is not known (public/server key) then SSH is every bit as
> easy to eaves drop as FTP. There are many tools that will easily
in this case FTP is more secure, because it's easier to set up PKI and
this way che
On Tue, Sep 28, 2004 at 08:23:49PM -0300, Peter Cordes wrote:
> Not if the pattern you want to ignore is more than one line. egrep is
> purely line-by-line. This worm (or script-kiddie zombie?) always tries
> root, admin, then test, ...
That doesn't seem to be the case. The most common one use
On Tue, Sep 21, 2004 at 01:45:46PM +0100, Steve Kemp wrote:
> On Sun, 19 Sep 2004, martin f krafft wrote:
>
> > > If you ask me, logcheck should learn how to evaluate log messages in
> > > their context...
>
> If you want to have instant alerts of problems then logcheck is
> what you want.
Assuming the U.S. government doesn't freak out and stop it, IPSEC
encryption will soon(?) be used for all internet communication, which
hahahahahahahahahaha
agreed - hahahahahahahahahahahahahahahahahahahaha
--elijah
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Tr
On Tue, Sep 28, 2004 at 11:15:09AM -0400, Alfie wrote:
Assuming the U.S. government doesn't freak out and stop it, IPSEC
encryption will soon(?) be used for all internet communication, which
hahahahahahahahahaha
Mike Stone
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe
--- Adam Majer <[EMAIL PROTECTED]> wrote:
> I know I will open a can of worms here, but telnet might actually be
> a
> better solution than ssh if you are using IPSec. I would say IPSec
> obsoletes ssh in favour of telnet.
The reasoning behind using ssh, even when using IPSec, is a simple
matter o
Dale Amon wrote:
>The question asked was "why is anyone still using telnet
>when there is ssh".
>
>
[snip]
>So no, I was not replying about Debian fixes, I was replying
>to the general question of 'why telnet at all'.
>
>
I know I will open a can of worms here, but telnet might actually be
On Tue, 28 Sep 2004 at 03:23:15AM -0400, Daniel Pittman wrote:
> Fast I would concede, and easy is a matter of taste, mostly.
>
> I don't know what you imagine is "encrypted" in FTP, though, since that
> is not part of the specification or the standard implementations.
>
> Unless you run an SSL-e
On Mon, 27 Sep 2004 at 04:08:38PM -0400, Greg Folkert wrote:
> I have no problems with scp, best part there isn't the mistaken problem
> of transfer in ASCII mode, when it should be in IMAGE mode (or BINARY
> mode) or Vice-Versa.
ASCII mode actually serves a purpose when you are communicating wit
On Sun, 2004-09-26 at 18:58 -0600, s. keeling wrote:
> No-one should have to apologise for warning against bad security
> practices. $DEITY knows the Windows crowd doesn't care about it, but
> we're better than that, right? One unpatched Microsh*t box in your
> LAN, and one nitwit using IE, and y
On Tue, Sep 28, 2004 at 11:15:09AM -0400, Alfie wrote:
> Assuming the U.S. government doesn't freak out and stop it, IPSEC
> encryption will soon(?) be used for all internet communication
That's the funniest thing I've read in a long time. Unless you mean
"soon" on an astronomical time scale, and
On Tue, Sep 28, 2004 at 09:35:50AM -0400, Greg Folkert wrote:
> BTW, I won't get into any further arguments about ftp, mainly I am
> convinced its usefulness is past. Remember *I* *AM* *CONVINCED*, which
> means *OPINION*. Sure other options exist, but FTP in the > 5 years ago
> old school sense is
On Mon, 27 Sep 2004 00:39, Lorenzo Hernandez Garcia-Hierro <[EMAIL PROTECTED]>
wrote:
> > Most of the features you list are things that are difficult to get into
> > Debian/main.
>
> Not too really difficult, it depends on how it gets developed:
> http://www.debian-hardened.org/wiki/index.php/CVS_
On Mon, Sep 27, 2004 at 06:38:03PM +0200, Adrian 'Dagurashibanipal' von Bidder wrote:
> > for foo in `find . -name "something"`
>
> Note that
> $ for foo in `command outputting a list of filenames`
>
> should *always* be replaced by
>
> $ said command | while read foo; do ...
>
> (Or, for triv
On Tue, 2004-09-28 at 12:23 +0200, Dariush Pietrzak wrote:
> I would suggest updating one's knowledge at least every ~5 years or so...
> (it's easy for me to say, because i'm still learning, maybe people with
> decades of IT experience find it more difficult to follow development of
> standards)
W
> Why, no. That specification being for TLS, it has very little to do
correct, sorry, I pasted wrong link,
> > http://www.faqs.org/ftp/internet-drafts/draft-murray-auth-ftp-ssl-13.txt
but still, this draft is already several years old, I wrote perl ftp client
based on it ~1 year ago, last time
On 28 Sep 2004, Dariush Pietrzak wrote:
>>
>> I don't know what you imagine is "encrypted" in FTP, though, since that
>> is not part of the specification or the standard implementations.
>
> oh, not part of THIS: http://www.ietf.org/rfc/rfc2246.txt specification?
> that is like, what, 5 years old?
>
> I don't know what you imagine is "encrypted" in FTP, though, since that
> is not part of the specification or the standard implementations.
oh, not part of THIS: http://www.ietf.org/rfc/rfc2246.txt specification?
that is like, what, 5 years old?
Well, what about this:
http://www.ford-hutchi
On Mon, Sep 27, 2004 at 01:27:46PM +0100, Steve Kemp wrote:
>On Sun, Sep 26, 2004 at 03:46:44PM +0200, Robert Millan wrote:
>
>> > CVE Name: CAN-2004-0414, CAN-2004-0416, CAN-2004-0417, CAN-2004-0418,
>> > CAN-2004-0778
>
> CAN-2004-0416, CAN-2004-0417, and CAN-2004-0418 were
On 28 Sep 2004, Dariusz Pietrzak wrote:
>>
>> ftp == good enough for public upload and download in a chroot
>> environment.
>>
>> scp == the preferred method for data transfer between machines. Nearly
>> as fast on semi-modern machines. pscp == the windows equivalent for
>> regault *NIXX scp.
>
> W
20 matches
Mail list logo