Subj : Telnet Vs SSH To : Michel Samson From : Andy Ball Date : Sat Oct 30 2004 10:36 pm Hello Michel, MS> You fail to take into account the context where an analogy with > the "~POP3~ before ~SMTP~" validation method is brought in, i > wonder if it's obvious to you what "~POP3~ before ~SMTP~" is > implying. ;-) Then state this context, don't expect readers to divine it through psychic means! MS> Throughout the years, Authors/SysOps have been acting like > MicroSoft $hare holder$, or employee$: they took for granted > that all BBSers are using `Windows' and it's even more specific > than that since a BBSer's HardWare should be able to run a `Win > 32' OS for ~SSH~/~HTTPS~; BBS were around for years before MS Windows, and I continue to use software that knows nothing of MS Windows. For years I also used a BBS that was run on a non-PC hardware platform running non-Microsoft system software. Also note that SSH and HTTPS are in no way tied to MS Windows. MS> There's no need to explore ways to make ~TelNet~ secure with > help of ~SSH~ or ~HTTPS~ since authors/SysOps would just remove > that LEGACY feature instead but i will because you insist... I never "insisted" on that, since I already know how to tunnel Telnet through SSH. I merely observed that doing so makes little or no sense for most remote terminal applications (including access to a BBS). MS> Lets start with the BBS system from where i'm posting right now. > I got "69.75.117.170" when i fed `NSLookUp' with "BBSNets.COM" > and then it led to two very distinct results when i used > `TraceRt'... And what makes you think that this is significant? MS> I have access to two different ~ISP~s at home so i made this > test with both and here's what i found: my 128 Kbps ~DSL~ feed > gives two consistent strings which show up as "bellnexia.net" > and "inet.qwest.net" in the listing; ....in the list of hosts that your packets are being routed through? MS> ...with my DialUp account there were three of these, somehwere > in the listing i got "sogetel.net", "vtl.net" and "level3.net". > In both cases, it began with a Domain Name i could associate > with the ~ISP~ i used to ~TelNet~ and it ended with what i > believe to be the Domain Name of the ~ISP~ which gives access > the remote BBS system. Why do you think that this matters? Are you talking about the BBS host, or intermediate systems? MS> Now, lets combine with this distinct patern a form of secure > validation thru the previous ~SSH~ or ~HTTPS~ session (which > took place MINUTES AGO); Validation for an SSH or HTTPS session probably only lasts for the duration of that session. It is not a reasonable basis for anything that happens after that session has ended. MS> ...if i were a SysOp, a validation method as selective as this > would sound secure enough for the LEGACY BBSers to use ~TelNet~. > In this context, it does make sense, no? No. MS> Anyway, as i explained, ~SSH~/~HTTPS~ and ~TelNet~ ARE available > separately, probably under most of the OSes i can think of and > even under DOS i might add! I see no reason why i'd be unable to > validate thru ~SSH~ and then call a BBS thru unsecure ~TelNet~ > SoftWare... I never said that you couldn't. Tunnelling through an SSH connection is common practice. Tunnelling telnet through an SSH connection to a host that is accessible via SSH to the outside world makes no sense, since in order to connect you need a working SSH client, which will do the same thing as telnet in any case! MS> So far, once a session is initiated i wouldn't care that my > BBSer's ~IP~ is changing as long as his partern is going to be > the same. Define 'partern'. MS> Do you still fail to see where the "~POP3~ before ~SMTP~" > analogy fits here... Yes, you have failed to explain what you mean by that. MS> i rarely launch `Windows' just to get a message-packet (the wait > is very long and is measured in minutes because INet acces under > `Windows' would require that i use a Fire-Wall, an Anti-Virus > and also an Anti-PopUp, if the only option left is a ~WEB~ > BBS)... Use of the Web does not require MS Windows. - Andy Ball * SLMR 2.1a * --- BBBS/NT v4.01 Flag-5 # Origin: FamilyNet Sponsored by http://www.christian-wellness.net (8:8/2) * Origin: BBS Networks @ www.bbsnets.com 808-839-6036 (1:10/345) .