[71002] in North American Network Operators' Group
Re: IT security people sleep well
daemon@ATHENA.MIT.EDU (Alexei Roudnev)
Fri Jun 4 02:23:52 2004
From: "Alexei Roudnev" <alex@relcom.net>
To: <nanog@merit.edu>, "Daniel Senie" <dts@senie.com>
Date: Thu, 3 Jun 2004 23:23:15 -0700
Errors-To: owner-nanog-outgoing@merit.edu
This is very bad - they have SSH in extended versions, why did not they
included it into all versions, where it was possible
without running out of flash memory.
Through, it is not so unsecured - in most cases people restricts access to a
few IP sources, which are located on the internal network, or even allows
only console access; but anyway, not a good thing. They could (at least)
allow changing telnet port
>
>
> >
> >On Thu, 03 Jun 2004 13:16:44 PDT, Eric Kuhnke <eric@fnordsystems.com>
said:
> >
> > > The part about Telnet is truly scary... Among people who have
"clue",
> > > the biggest reason I have heard to continue running ssh1 is for
> > > emergency access via hand-held smartphones or other pocket sized
> > > devices. The Handspring Treo 180 and similar keyboarded cellphone-pda
> > > devices don't have the CPU power necessary for a SSH2 key exchange,
> > > unless I'm drastically mistaken about the FPU abilities of a 33 MHz
> > > Motorola Dragonball...
>
> Cisco 26xx, 36xx routers at least, current 12.3 IOS, no ssh support in the
> basic loads that I can find. Telnet is the only way in other than the
> console port.
>
>
