X-Recipient: archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status: No, hits=-1.6 required=5.0 	tests=AWL,BAYES_00,RCVD_IN_DNSWL_LOW
X-Spam-Check-By: sourceware.org
X-ASG-Debug-ID: 1265730666-259d00070004-w5GHUG
X-Barracuda-URL: http://10.10.1.48:8000/cgi-bin/mark.cgi
X-ASG-Whitelist:  Sender
Message-ID: <018e01caa99f$b9314ab0$aa01090a@amanda>
From: "Tomasz Pona" <koczis AT parasoft DOT com>
To: <cygwin AT cygwin DOT com>
References: <loom DOT 20100208T154733-271 AT post DOT gmane DOT org> <00fa01caa970$d351b8a0$aa01090a AT amanda> <4B716FBC DOT 2060109 AT cwilson DOT fastmail DOT fm>
X-ASG-Orig-Subj: Re: telnet connected but without response
Subject: Re: telnet connected but without response
Date: Tue, 9 Feb 2010 16:50:16 +0100
MIME-Version: 1.0
Content-Type: text/plain; 	charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-Barracuda-Connect: dove2.parasoft.com[10.10.1.53]
X-Barracuda-Start-Time: 1265730681
X-Barracuda-Virus-Scanned: by Barracuda Spam & Virus Firewall at parasoft.com
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Note-from-DJ: This may be spam

Charles Wilson wrote:
> Bingo! telnet is an inherently unsafe technology which exchanges
> passwords in plaintext, where any schmuck with a packet sniffer can see
> your password. Combined that with wireless ethernet, and you're just
> screaming "HACK ME!".
>
> If you have ANY choice in the matter, use ssh instead.

I'm behind a relatively well maintained firewall and I don't think me and my
colleagues should suspect aech other here. ;)
It's of course a very slight chance of some fake technician sneaking here
and there and connecting to our LAN, but well... sh*t just happens.
Out of necessity we're using SSH now, but it looks like telnet is a lot
easier to maintain and understand: we had inetd configured already
and we had to enable sshd. Obviously ssh-config scripts are doing great job
setting defaults, but when reading doc you're immediately attacked by the
overburden of information on:
- public key generation,
- forwarding of the authentication agent connection
- port forwarding
- pre- and post- authentication
- privilege separation and special inaccessible account demand
- access rights problems and another special account demand
- this and that being an option and a subject for configuration

Just reading the docs makes me feel that I probably understand 20% of what
is written there (considering the language used) and I immediately tend to
love our old good firewall + telnet solution. I'm pretty convinced I'm not
alone...

Thanks for looking at this Chuck.


Regards,
Tomasz Pona


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple