telnet
Niels Dettenbach (Syndicat IT & Internet)
nd at syndicat.com
Fri Jul 5 12:29:26 UTC 2019
Am 5. Juli 2019 11:26:13 MESZ schrieb Dr M J Carter <Martin.Carter at physics.ox.ac.uk>:
>I'm not: it, and FTP, are horribly insecure. The corresponding
>server-end daemons are (or should be) turned off on most sites in the
>interests of self-defence, and replaced by use of SSH.
Contrary to some "hype" (primarily driven by some major players in selling x509 certs and a Browser foundation which earns huge amounts from them year by year) in the last years, there is no absolute "secure" as "insecure" in the IT world and almost anything "must be encrypted for security" It still makes sense for i.e. builders of network equipment and similiar to offer telnet or plain FTP (non secured, FTP is available with SSL / TLS too) - i.e. because the initial setup is done by a direct cable link or within any other environments, where data leakage / connection hijacking security requirements are "others" then most users think of at first. TFTP is a well known exslample for that. Data integrity has to be implemented on other levels then (if required - i.e. signatures) and data privacy is not always a concern - i.e. for downloads of large, public available files. And HTTPS with x509 is not a holy grahl of sec too in practice.
A unencrypted telnet as FTP stack requires a much smaller footprint and is much less ressource consuming / failure affected then a non-required encrypted alternative - i.e. on very small computing devices or platforms, as a kernel internal or whatever. I remember HP devices where the SSH remote console access hanged (RAM full) and telnet was the only option to gain any access back (usually over VPN or dedicated LAN).
And most modern console FTP clients are usually SSL/TLS capable out of the box, while FTP is still widely used as "public" as "private" Internet services.
And btw: netcat has the same security implications as a "substitute" for telnet (client).
There is no "general insecure" as "general secure" tool in practice - there is only more or less "clever" / aware usage of...ß)
just my view,
beste regards,
niels.
--
Niels Dettenbach
Syndicat IT & Internet
https://www.syndicat.com
More information about the macports-users
mailing list