[71024] in North American Network Operators' Group
Re: IT security people sleep well
daemon@ATHENA.MIT.EDU (Paul Jakma)
Sat Jun 5 21:12:11 2004
Date: Sun, 6 Jun 2004 02:12:16 +0100 (IST)
From: Paul Jakma <paul@clubi.ie>
To: Eric Kuhnke <eric@fnordsystems.com>
Cc: nanog@merit.edu
In-Reply-To: <40BF872C.6020407@fnordsystems.com>
Errors-To: owner-nanog-outgoing@merit.edu
On Thu, 3 Jun 2004, Eric Kuhnke wrote:
> The part about Telnet is truly scary...
What's really scary is that the people here complaining about a
certain vendor charging extra for SSH and hence forcing them to use
"insecure" telnet havnt the cop-on to read that vendor's
"AAA" documentation and realise that the base feature set _already_
includes capability to do secure authentication.
Eg, challenge/response via RADIUS or even Kerberised telnet (and many
people here probably already have kerberos servers in their
organisations, aka Windows Active Directory).
regards,
--
Paul Jakma paul@clubi.ie paul@jakma.org Key ID: 64A2FF6A
warning: do not ever send email to spam@dishone.st
Fortune:
You can't take damsel here now.
