Date: Mon, 21 Jan 2002 14:22:33 +0100 From: Stefan de Zeeuw <stefan.de.zeeuw@wellance.com> To: "Questions@Freebsd. Org (E-mail)" <questions@freebsd.org> Subject: RE: telnet/ftp security Message-ID: <0107A170FEECD211ABE500104BD665BBFF027D@monster.wellance.com>
next in thread | raw e-mail | index | archive | help
This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01C1A27E.AF66E660 Content-Type: text/plain; charset="iso-8859-1" joe, if you're searching for good ssh/sftp clients for windows you can best look at one of the mirrors of ssh.com. you can download one there. -stef -----Original Message----- From: jacks@sage-american.com [mailto:jacks@sage-american.com] Sent: Saturday, January 19, 2002 9:04 PM To: Joe & Fhe Barbish; Alfatrion Cc: FBSD Questions Subject: RE: telnet/ftp security Joe: SSH and sftp are FBSD. SSH should be already setup and running on your FBSD machine and can be accessed from a Win client capable of ssh1/ssh2. It accesses thru port 22. You will need to install sftp on the FBSD server and setup the Win FTP client to use ssh if you have one that can do so.... At 02:48 PM 1.19.2002 -0500, Joe & Fhe Barbish wrote: >I only access the FBSD/gateway/ipfw box from ms/windows >machines. You implied the SSH(v2) and sftp are the >equivalent encrypted versions of telnet & ftp. >Are these windows clients, and if so where do I get >them from? > >I read the man skey and it's assocated other commands >man pages. As usual these man pages lacks any how to >setup and use info. >Is there any how-to-use infor you can point me to? > >Thanks >Joe > >-----Original Message----- >From: Alfatrion [mailto:alfatrion@cybertron.tmfweb.nl] >Sent: Saturday, January 19, 2002 11:32 AM >To: Joe & Fhe Barbish >Cc: FBSD Questions >Subject: Re: telnet/ftp security > >Hello Joe, > >Saturday, January 19, 2002, 5:08:57 PM, you wrote: > >JFB> I have telnet & FTP ID/PW access to my FBSD gateway/ipfw >JFB> box from the internet. Are there any security holes in >JFB> these two applications that would allow breaking into my system? > >The biggest security holes in those application is the lack of >security. Both application send the usernames, passwords and the data >unencrypted. All one has to do is sniff the username and passwords to >gain access to the system. SSH(v2) and sftp are the equivalent >encrypted versions. (a lot of other procolls are unsave to, like pop3, >smtp, ect.) > >I have my machine set up so that it can not be reached from the >internet with telnet, but did leave other procols untouched. To >compromis for this i installed the use of one-time-use password, for >certain users. You can check 'man skey' for this. > >-- >Best regards, > Alfatrion mailto:alfatrion@cybertron.tmfweb.nl > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message > > Best regards, Jack L. Stone, Server Admin =================================================== Sage-American http://www.sage-american.com jacks@sage-american.com "My center is giving way, my right is in retreat; ....situation excellent! ....I shall attack!" =================================================== To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message ------_=_NextPart_001_01C1A27E.AF66E660 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> <HTML> <HEAD> <META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; = charset=3Diso-8859-1"> <META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version = 5.5.2653.12"> <TITLE>RE: telnet/ftp security</TITLE> </HEAD> <BODY> <BR> <P><FONT SIZE=3D2> joe, if you're searching for good ssh/sftp = clients for windows you can best look at one of the mirrors of ssh.com. = you can download one there.</FONT></P> <P><FONT SIZE=3D2>-stef</FONT> </P> <P><FONT SIZE=3D2>-----Original Message-----</FONT> <BR><FONT SIZE=3D2>From: jacks@sage-american.com [<A = HREF=3D"mailto:jacks@sage-american.com">mailto:jacks@sage-american.com</= A>]</FONT> <BR><FONT SIZE=3D2>Sent: Saturday, January 19, 2002 9:04 PM</FONT> <BR><FONT SIZE=3D2>To: Joe & Fhe Barbish; Alfatrion</FONT> <BR><FONT SIZE=3D2>Cc: FBSD Questions</FONT> <BR><FONT SIZE=3D2>Subject: RE: telnet/ftp security</FONT> </P> <BR> <P><FONT SIZE=3D2>Joe: SSH and sftp are FBSD. SSH should be already = setup and running on your</FONT> <BR><FONT SIZE=3D2>FBSD machine and can be accessed from a Win client = capable of ssh1/ssh2. It</FONT> <BR><FONT SIZE=3D2>accesses thru port 22.</FONT> </P> <P><FONT SIZE=3D2>You will need to install sftp on the FBSD server and = setup the Win FTP</FONT> <BR><FONT SIZE=3D2>client to use ssh if you have one that can do = so....</FONT> </P> <P><FONT SIZE=3D2>At 02:48 PM 1.19.2002 -0500, Joe & Fhe Barbish = wrote:</FONT> <BR><FONT SIZE=3D2>>I only access the FBSD/gateway/ipfw box from = ms/windows </FONT> <BR><FONT SIZE=3D2>>machines. You implied the SSH(v2) and sftp are = the </FONT> <BR><FONT SIZE=3D2>>equivalent encrypted versions of telnet & = ftp. </FONT> <BR><FONT SIZE=3D2>>Are these windows clients, and if so where do I = get </FONT> <BR><FONT SIZE=3D2>>them from?</FONT> <BR><FONT SIZE=3D2>></FONT> <BR><FONT SIZE=3D2>>I read the man skey and it's assocated other = commands </FONT> <BR><FONT SIZE=3D2>>man pages. As usual these man pages lacks any = how to </FONT> <BR><FONT SIZE=3D2>>setup and use info. </FONT> <BR><FONT SIZE=3D2>>Is there any how-to-use infor you can point me = to?</FONT> <BR><FONT SIZE=3D2>></FONT> <BR><FONT SIZE=3D2>>Thanks </FONT> <BR><FONT SIZE=3D2>>Joe </FONT> <BR><FONT SIZE=3D2>></FONT> <BR><FONT SIZE=3D2>>-----Original Message-----</FONT> <BR><FONT SIZE=3D2>>From: Alfatrion [<A = HREF=3D"mailto:alfatrion@cybertron.tmfweb.nl">mailto:alfatrion@cybertron= .tmfweb.nl</A>]</FONT> <BR><FONT SIZE=3D2>>Sent: Saturday, January 19, 2002 11:32 AM</FONT> <BR><FONT SIZE=3D2>>To: Joe & Fhe Barbish</FONT> <BR><FONT SIZE=3D2>>Cc: FBSD Questions</FONT> <BR><FONT SIZE=3D2>>Subject: Re: telnet/ftp security</FONT> <BR><FONT SIZE=3D2>></FONT> <BR><FONT SIZE=3D2>>Hello Joe,</FONT> <BR><FONT SIZE=3D2>></FONT> <BR><FONT SIZE=3D2>>Saturday, January 19, 2002, 5:08:57 PM, you = wrote:</FONT> <BR><FONT SIZE=3D2>></FONT> <BR><FONT SIZE=3D2>>JFB> I have telnet & FTP ID/PW access to = my FBSD gateway/ipfw</FONT> <BR><FONT SIZE=3D2>>JFB> box from the internet. Are there any = security holes in</FONT> <BR><FONT SIZE=3D2>>JFB> these two applications that would allow = breaking into my system?</FONT> <BR><FONT SIZE=3D2>></FONT> <BR><FONT SIZE=3D2>>The biggest security holes in those application = is the lack of</FONT> <BR><FONT SIZE=3D2>>security. Both application send the usernames, = passwords and the data</FONT> <BR><FONT SIZE=3D2>>unencrypted. All one has to do is sniff the = username and passwords to</FONT> <BR><FONT SIZE=3D2>>gain access to the system. SSH(v2) and sftp are = the equivalent</FONT> <BR><FONT SIZE=3D2>>encrypted versions. (a lot of other procolls are = unsave to, like pop3,</FONT> <BR><FONT SIZE=3D2>>smtp, ect.)</FONT> <BR><FONT SIZE=3D2>></FONT> <BR><FONT SIZE=3D2>>I have my machine set up so that it can not be = reached from the</FONT> <BR><FONT SIZE=3D2>>internet with telnet, but did leave other = procols untouched. To</FONT> <BR><FONT SIZE=3D2>>compromis for this i installed the use of = one-time-use password, for</FONT> <BR><FONT SIZE=3D2>>certain users. You can check 'man skey' for = this.</FONT> <BR><FONT SIZE=3D2>></FONT> <BR><FONT SIZE=3D2>>--</FONT> <BR><FONT SIZE=3D2>>Best regards,</FONT> <BR><FONT SIZE=3D2>> = Alfatrion &nb= sp; &nb= sp; <A = HREF=3D"mailto:alfatrion@cybertron.tmfweb.nl">mailto:alfatrion@cybertron= .tmfweb.nl</A></FONT> <BR><FONT SIZE=3D2>></FONT> <BR><FONT SIZE=3D2>></FONT> <BR><FONT SIZE=3D2>>To Unsubscribe: send mail to = majordomo@FreeBSD.org</FONT> <BR><FONT SIZE=3D2>>with "unsubscribe freebsd-questions" = in the body of the message</FONT> <BR><FONT SIZE=3D2>></FONT> <BR><FONT SIZE=3D2>></FONT> </P> <P><FONT SIZE=3D2>Best regards,</FONT> <BR><FONT SIZE=3D2>Jack L. Stone,</FONT> <BR><FONT SIZE=3D2>Server Admin</FONT> </P> <P><FONT = SIZE=3D2>=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D</FONT> <BR><FONT SIZE=3D2>Sage-American </FONT> <BR><FONT SIZE=3D2><A HREF=3D"http://www.sage-american.com" = TARGET=3D"_blank">http://www.sage-american.com</A></FONT>; <BR><FONT SIZE=3D2>jacks@sage-american.com</FONT> </P> <P><FONT SIZE=3D2>"My center is giving way, my right is in = retreat;</FONT> <BR><FONT SIZE=3D2>....situation excellent! ....I shall = attack!"</FONT> <BR><FONT = SIZE=3D2>=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D</FONT> </P> <P><FONT SIZE=3D2>To Unsubscribe: send mail to = majordomo@FreeBSD.org</FONT> <BR><FONT SIZE=3D2>with "unsubscribe freebsd-questions" in = the body of the message</FONT> </P> </BODY> </HTML> ------_=_NextPart_001_01C1A27E.AF66E660-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0107A170FEECD211ABE500104BD665BBFF027D>