North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: IT security people sleep well
The part about Telnet is truly scary... Among people who have "clue", the biggest reason I have heard to continue running ssh1 is for emergency access via hand-held smartphones or other pocket sized devices. The Handspring Treo 180 and similar keyboarded cellphone-pda devices don't have the CPU power necessary for a SSH2 key exchange, unless I'm drastically mistaken about the FPU abilities of a 33 MHz Motorola Dragonball...I liked this quote, About 43% of respondents said they're using the Secure Shell (SSH) protocol to protect data, secure remote access, and perform network management. But while the current SSH2 is considered to be significantly more secure, nearly 45% said they are continuing to mostly use the older SSH1 protocol. A cause for greater concern, according to the surveyors, is that 54.9% said they continue to configure their network devices via Telnet, which is known by network security experts to be severely vulnerable to intruders because it sends data as clear text and offers only weak password authentication.