From: “Perry E. Metzger” <pmetzger@lehman.com>
To: hughes@ah.com (Eric Hughes)
Message Hash: 962e45659af1cf6b9f2719dd051fb22ba1b2a4d6e13beff3915101de82ec9397
Message ID: <9403061516.AA17049@andria.lehman.com>
Reply To: <9403060605.AA08029@ah.com>
UTC Datetime: 1994-03-06 15:16:57 UTC
Raw Date: Sun, 6 Mar 94 07:16:57 PST
From: "Perry E. Metzger" <pmetzger@lehman.com>
Date: Sun, 6 Mar 94 07:16:57 PST
To: hughes@ah.com (Eric Hughes)
Subject: Re: Update on user-level hack to do telnet encryption posted recently
In-Reply-To: <9403060605.AA08029@ah.com>
Message-ID: <9403061516.AA17049@andria.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain
Eric Hughes says:
> For the forseeable future, there will be the need for link encryption
> where one is connecting to a site where the far end doesn't have
> encrypted telnet available, _for_whatever_reason_at_all. There are
> lots of reasons, e.g. site managers are busy and the user did not plan
> in advance. It doesn't really matter. If you can't alter the remote
> end except by a user process, that's what you use.
I strongly disagree. If you truly insist, run your own telnetd on the
remote machine. Don't run a hack. However, the right solution is to
get the site manager to replace their telnet, a process that takes
minutes and which, given the current epidemic of line tapping, is of
obvious necessity even to the brain damaged. As I've noted, however,
its trivial to run your own telnetd on another port if you absolutely
insist.
Perry
Return to March 1994
Return to “tim werner <werner@mc.ab.com>”