It certainly is when someone gets on your switch and configures a SPAN port.
Last audit I performed they gave the same arguments to their use of telnet and ftp and ended with over 90% of their systems compromised to some degree. Granted this case was pretty extreme but you should certainly consider it. Regards, Greg van der Gaast Ordina Public West Security Services -----Oorspronkelijk bericht----- Van: Trevor Cushen [mailto:[EMAIL PROTECTED]] Verzonden: Monday, October 07, 2002 5:03 PM Aan: [EMAIL PROTECTED] Onderwerp: Is SSH worth it?? Hello all, Quick opinion based question. I have an switched internal network that currently uses a lot of rcp with rsh authentication to moves files about. Platforms are unix and nt (ftp on the nt side) More secure is ssh and scp for all platforms, but I have several scripts that would all have to be re-written and a fair bit of setting up for all the clients and servers involved throughout the organisation. The questions is this; On an internal network that is switched (making sniffing harder) is it worth going to SSH and SCP?????? I am aware how to set it all up but the thing is, is it worth it. Bare in mind also that few people have passwords to the boxes and the only real threat is sniffing the traffic. All opinions welcome, thanks Trevor Cushen Sysnet Ltd www.sysnet.ie Tel: +353 1 2983000 Fax: +353 1 2960499