[Asterisk-Users] telnet and Root
Walt Reed
asterisk at linuxguy.com
Fri Aug 20 10:57:36 MST 2004
On Fri, Aug 20, 2004 at 12:14:00PM -0500, Steven Critchfield said:
> On Fri, 2004-08-20 at 11:59, Steve Szmidt wrote:
> > > ----- Original Message -----
> > > From: "Walt Reed" <asterisk at linuxguy.com>
> > > To: <asterisk-users at lists.digium.com>
> > > Sent: Friday, August 20, 2004 9:13 AM
> > > Subject: Re: [Asterisk-Users] telnet and Root
> > >
> > > > On Fri, Aug 20, 2004 at 08:40:43AM -0700, Chris Shaw said:
> > > > > >...Today there's no valid reason to use telnet over ssh.
> > > > >
> > > > > Was there ever a valid reason? Maybe export restrictions on crypto?
> > > > > I've never EVER used telnet or rlogin, SSH is so much nicer anyway...
> > > >
> > > > Yeah. Some of us were around before ssh existed. :-)
> >
> > Plus it's still a good tool for talking to various services like a mailserver
> > to debug connections. (You can specify the port to connect to.)
>
> Outside of SMTP and www, what are you doing with a open port to use
> telnet with? Pop3 is BAD, IMAP is BAD. You should be using the encrypted
> versions of all of these. Anything you can't secure directly should be
> tunneled via port forwarding with a ssh command.
Oh, there are lots of things unencrypted ports are still used for. lprd,
instant messaging, VoIP, etc. Some of these things are used inside a
protected network or over a VPN, some are not.
Frankly, there are better tools for testing network applications than
telnet.
nc, s_client (for testing ssl based apps), etc. There are
better tools for testing specific protocols.
http://www.jetmore.org/john/code/vmail for smtp, curl for http, etc.
> BTW, get used to that need as the more people move to wireless networks.
> Think how easy it is to roll into a cafe with wireless hotspot and
> capture usernames and passwords for all those checking email.
Sure, but in the business world we use VPN's and such to make wireless
more secure. There are still many unencrypted protocols that are widely
used inside any network and that's not going to change any time soon.
Man in the middle attacks can still cause problems for encrypted
applications too...
More information about the asterisk-users
mailing list