[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Replacing Telnet with SSH
- Subject: Re: [cobalt-users] Replacing Telnet with SSH
- From: Jim Popovitch <jimpop@xxxxxxxxx>
- Date: Wed Jun 20 09:11:07 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
--- "Rodolfo J. Paiz" <rpaiz@xxxxxxxxxxxxxx> wrote:
>
> Overall, agreed. However, Carrie is correct in saying that
> vulnerabilities have been found in the SSH1 protocol. She
> was indeed speaking of the protocol, not of an application.
Yes. Vulnerabilities have been found in both protocols. Advising
someone to use one over the other (especially when the other party is
possibly thinking of an application) is giving a false sense of
security.
Most of the vulnerabilities never really affected most hardened SSH
applications and therefore weren't major issues. I can think of a few
applications that support SSH2 that I would't be in a rush to install
on my servers, however I currently run a version of OpenSSH that only
supports SSH1, and I have great confidence in it's security.
Server and Systems Security is a developed habit more so than a learned
one. I would never be able to convince you of my methods in hardening
a box unless you have been in situations similar to me. Hanging a
server on the Internet makes one a security expert as much as buying a
pot makes one a master chef. There will always be those who are
satisfied w/ hotdogs, others demand better.
-Jim P.
__________________________________________________
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail
http://personal.mail.yahoo.com/