North American Network Operators Group


Re: telnet vs ssh on Core equipment, looking for reasons why?

  • From: Stephen J. Wilcox
  • Date: Tue Jul 31 10:20:53 2001

> > true, but i would point out that if it's your core equipment that you are
> > accessing from your network that sits directly on the core then you should
> > be happy with the fact that no one is eavesdropping and it makes no
> > difference.
> 
> not everyone has out-of-band networks for management. Management of
> devices is sometimes done thousands of miles away. Remember also that this
> traffic can be sniffed before it gets to the core (yes, ssh is sniffable
> as well, but just not as easily, and at least it's not in plaintext)

this is in-band. if as you say you are accessing from another network then
this is where the encryption kicks in being useful, however that raises
another question - do you just allow any host to connect providing they
can authenticate? i know my login ports are restricted at both network and
host level to specific authorized addresses...

> > so that's my main logic, authentication... i can't understand the big
> > paranoia on people sniffing tho!
> 
> unfortunately ssh is just as sniffable if it's an arp spoof, but hopefully
> it's not as easy for the naughty eavesdropper to get into the right
> position for that....

exactly, it's probably easier to hack the box by other means than sniffing
auth details!

Steve