l i n u x - u s e r s - g r o u p - o f - d a v i s
Next Meeting:
July 7: Social gathering
Next Installfest:
Latest News:
Jun. 14: June LUGOD meeting cancelled
Page last updated:
2002 Apr 23 10:54

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox] the lugod faq
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox] the lugod faq

On Mon, 22 Apr 2002, Mark K. Kim wrote:
> On Mon, 22 Apr 2002, Peter Jay Salzman wrote:
> > i plan on finding some of mike egan's past posts and pasting them
> > verbatim into the faq.   :-)
> Mike Egan's postings always needs to be trimmed before being made public.
> Always.  No exceptions.  Same with Mike Simon's postings.

I think my genetic code was compiled with a debug option and with
-vvvvvvvv. ;-)

The length of my responses comes with having to deal with a few twits who
found exceptions in what I posted. Now I include clarifications and try to
include exceptions and limits to statements so as to not cause dissention.

You should never use telnet.


Under most circumstances, it is better to use a challange-response based
authentication to access an interactive session which has better security
and enctryption such as SSH.

You will also want to make sure your copy of SSH is up-to-date as it is a
piece of software that continues to be examied by black hats and white
hats for weaknesses and when security holes become exploits, shell access
to your server is just a download away for even the newest

In most circumstances, telnet is a poor choice with security in mind.
Username and passwords pass across the wire unencrypted, and people with
sniffers may be able to save your password and username to later log into
your machine with your privs. In addition, programs like hunt can allow a
man-in-the-middle attack and take over existing sessions without even
having a password and then issue commands as you.

For all of the above reasons, including reasons not mentioned here, you
should avoide using telnet and switch to SSH. Turning off telnet and
replacing it with a new version of SSH is usually the better choice.

Of course, there are exceptions to the above.

(Taken from an actual post.)



Version: 3.12
GCS/CM$/IT$/LS$/S/O$ !d--(++) !s !a+++(-----) C++$(++++) U++++$(+$) P+$>+++ 
L+++$(++) E W+++$(+) N+ o K w+$>++>+++ O-@ M+$ V-$>- !PS !PE Y+ !PGP
t@-(++) 5+@ X@ R- tv- b++ DI+++ D+ G--@ e+>++>++++ h(++)>+ r*>? z?
decode: http://www.ebb.org/ungeek/ about: http://www.geekcode.com/geek.html

vox mailing list

LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.