-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
> The questions is this; > > On an internal network that is switched (making sniffing harder) is it > worth going to SSH and SCP?????? You already seem to know the basic fact a lot of people get confused with... sniffing switched networks is possible. :) In my opinion (from reading lots you understand :] ) is that the r* commands are very insecure. I believe usernames and passwords are clear text, and therefore vulnerable to sniffing. Combine this with the fact that the people on your "internal" network may not be limited to who you *think* is on your network. I would go for the more secure option every time. I only have 2 machines and I ssh between them, even on a lowly dial-up. You never, ever know who is really on your networks. > I am aware how to set it all up but the thing is, is it worth it. Bare > in mind also that few people have passwords to the boxes and the only > real threat is sniffing the traffic. Depends what your data is. If your data and/or network is important then you should use every means possible to secure it. Even if the usernames and passwords are for "humble users" it doesn't mean they are sacrificial. I'll leave you with a thought I have been left with after some insightful training - it sticks in the back of my mind like a beacon. "local access = root access". If a malicious user gets local access through any means they are HIGHLY likely to gain root/admin - It is simply a question of time. > All opinions welcome, > thanks You have mine :) Mike - -- By three methods we may learn wisdom: First, by reflection, which is noblest; Second, by imitation, which is easiest; and third by experience, which is the bitterest. --Confucius -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE9ofuM8EqADYNpcNQRAquDAJ9NdFejL1JUhCK5If89huGoWb2z4QCfQGfY Hw34hRgeAX8tY0Od3zdoGCw= =fDN8 -----END PGP SIGNATURE-----