[HECnet] Telnet/SSH attacks
Dave McGuire
mcguire at neurotica.com
Wed Nov 27 14:35:06 PST 2013
On 11/27/2013 12:13 PM, Brian Schenkenberger, VAXman- wrote:
The Telnet protocol itself makes no promises about the presence OR
absence of encryption, and it has a very flexible do/don't/will/won't
option negotiation protocol. Kerberos-enabled telnet, in particular,
allows for automatic authentication and/or stream encryption, with
either enabled or disabled on an invocation-by-invocation basis.
Kerberos-enabled telnet doesn't work unless the target is setup to and
willing to provide for it. I have no knowledge of how Sampsa has his
configured but from the initial discussion, I'd doubt that Kerberos is
involved.
As do I. I was merely nit-picking that "telnet" does not exclusively
mean "cleartext". Given that it was an open and outward-facing service,
I'd certainly HOPE it was Kerberized telnet! ;)
-Dave
--
Dave McGuire, AK4HZ
New Kensington, PA
More information about the Hecnet-list
mailing list