X-Recipient: archive-cygwin@delorie.com
X-SWARE-Spam-Status: No, hits=-1.6 required=5.0 	tests=AWL,BAYES_00,RCVD_IN_DNSWL_LOW
X-Spam-Check-By: sourceware.org
X-ASG-Debug-ID: 1265730666-259d00070004-w5GHUG
X-Barracuda-URL: http://10.10.1.48:8000/cgi-bin/mark.cgi
X-ASG-Whitelist:  Sender
Message-ID: <018e01caa99f$b9314ab0$aa01090a@amanda>
From: "Tomasz Pona" <koczis@parasoft.com>
To: <cygwin@cygwin.com>
References: <loom.20100208T154733-271@post.gmane.org> <00fa01caa970$d351b8a0$aa01090a@amanda> <4B716FBC.2060109@cwilson.fastmail.fm>
X-ASG-Orig-Subj: Re: telnet connected but without response
Subject: Re: telnet connected but without response
Date: Tue, 9 Feb 2010 16:50:16 +0100
MIME-Version: 1.0
Content-Type: text/plain; 	charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-Barracuda-Connect: dove2.parasoft.com[10.10.1.53]
X-Barracuda-Start-Time: 1265730681
X-Barracuda-Virus-Scanned: by Barracuda Spam & Virus Firewall at parasoft.com
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Delivered-To: mailing list cygwin@cygwin.com
Note-from-DJ: This may be spam

Charles Wilson wrote:
> Bingo! telnet is an inherently unsafe technology which exchanges
> passwords in plaintext, where any schmuck with a packet sniffer can see
> your password. Combined that with wireless ethernet, and you're just
> screaming "HACK ME!".
>
> If you have ANY choice in the matter, use ssh instead.

I'm behind a relatively well maintained firewall and I don't think me and my
colleagues should suspect aech other here. ;)
It's of course a very slight chance of some fake technician sneaking here
and there and connecting to our LAN, but well... sh*t just happens.
Out of necessity we're using SSH now, but it looks like telnet is a lot
easier to maintain and understand: we had inetd configured already
and we had to enable sshd. Obviously ssh-config scripts are doing great job
setting defaults, but when reading doc you're immediately attacked by the
overburden of information on:
- public key generation,
- forwarding of the authentication agent connection
- port forwarding
- pre- and post- authentication
- privilege separation and special inaccessible account demand
- access rights problems and another special account demand
- this and that being an option and a subject for configuration

Just reading the docs makes me feel that I probably understand 20% of what
is written there (considering the language used) and I immediately tend to
love our old good firewall + telnet solution. I'm pretty convinced I'm not
alone...

Thanks for looking at this Chuck.


Regards,
Tomasz Pona


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple