North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: FTP with authentication to RADIUS

  • From: Adrian Chadd
  • Date: Sat Jan 06 00:06:52 2001

On Fri, Jan 05, 2001, Brian W. wrote:
> 
> scp for windows is available, see
> http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html.
> 
> putty is a win ssh client, its free but a little too simple for me.
> pscp is a windoze scp client which I like.   Here's the faq,
> http://www.chiark.greenend.org.uk/~sgtatham/putty/faq.html.
> 

.. which is leading us WAY off topic.

* telnet (along with FTP) is not insecure.n itself Perhaps the use or
  implementations are insecure, but I'm pretty sure I've seen some
  ssh-related security bugs.

* show me a way to break telnet, and I'm sure to find a way to break ssh
  (yes, those who follow the news will go "but that relies on dumb users!"
  but I *bet* anyone who runs a decent sized ISP will attest to their
  users stupidity - or they wouldn't need a helpdesk...)

* Yes, the FTP protocol might be ancient, but so is TCP. And yes, TCP
  has had some overhauls but the basic principle is there, just like
  in FTP (which if I remember my history correctly was originally
  designed to work over NCP..)

This thread is irrelevant to NANOG. If you want to learn more about it,
I suggest you start by buying a book like "Applied Cryptography" - 
which explains concepts such as trust relationships as well as
"cryptography" (and can be used to prove telnet is secure/insecure in
situations just as much as ssh is secure/insecure in situations.)

*sigh*.



Adrian

-- 
Adrian Chadd			"Here's five for the cake, and
<adrian@creative.net.au>	  five to buy a clue."
				    - Ryan, Whatever it Takes