[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] InterBase

Subject: RE: [cobalt-users] InterBase
From: "Peter Masloch" <peter@xxxxxxxxxxx>
Date: Wed Jun 5 18:02:01 2002
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

Bruce, there is a "little" difference between telnet and
ftp. If i get ftp user access to your server, there is not
much i can do. But if i get telnet user access to your 
server....you are done. 
The admin webloging also is clear text, by the way.
Not very secure.


> Tom Thomas wrote:
> > 
> > Bruce I cannot find in the manual how to start a shell session, 
> > perhaps I should enable telnet to do so but the manual 
> advises against 
> > that as it is so insecure, is there ssh?
> 
> Telnet is shipped on the box, and is the "official" way to 
> connect to the server for a shell session on all Sun Cobalt 
> products except the new RaQ550, which has SSH _and_ telnet 
> preconfigured on the server.
> 
> Telnet is insecure because it transmits all session data, 
> including usernames and passwords, in clear text. SSH 
> encrypts everything in comparison.  There is a higher chance 
> of someone intercepting your password if you use telnet, but 
> in reality, the chances of someone "on the 'net" watching the 
> wire just as your password etc goes flying by is _very_ 
> small.  The major concern would be someone who's more focused 
> on the number of servers they are scanning, namely your 
> hosting company, rather than tapping the entire pipe.
> 
> NOTE TO FLAMERS: I AM NOT ADVOCATING TELNET. Just saying that 
> it is still relatively unlikely for you to get "hacked" just 
> because you use telnet to access your server.  There are many 
> people who use SSH to do shell stuff, but still use 
> "insecure" FTP to transfer all their files. Doh! - Same 
> problem as telnet there...  but IMO, you're more likely to 
> get hacked due to an exploit for a library or application on 
> the server than you are just by using telnet for some 
> occasional shell sessions.
> 
> You can install SSH on your server by grabbing the 
> appropriate PKG from http://pkgmaster.com. Note - this is not 
> an official or supported addition to your server. Use at your 
> own risk.
> 
> --
> Bruce Timberlake
> Sun Cobalt Technology Engineer
> Sun Microsystems, Inc.
> 
> E: bruce.timberlake@xxxxxxx
> T: 877-718-3569 / x69369
> 
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To Subscribe or Unsubscribe, please go to: 
> http://list.cobalt.com/mailman/listinfo/cobalt> -users
> 
>

Follow-Ups:
- Re: [cobalt-users] InterBase
  - From: Steve Werby

References:
- Re: [cobalt-users] InterBase
  - From: Bruce Timberlake

Prev by Date: Re: [cobalt-users] Server side includes?
Next by Date: [cobalt-users] Telnet (Was Re: InterBase)
Previous by thread: Re: [cobalt-users] InterBase
Next by thread: Re: [cobalt-users] InterBase

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index