Techie Tip of the day

[lander]

I'm sure most of you guys are familiar with Telnet & FTP, right? Well, unfamiliarize yourselves with them because they are NOT secure. Any sniffer could easily intercept your authentication info.

Well, fret not, you don't have to learn anything new ... you just need to use new protocols - SSH & SFTP (FTP over Secure Shell).

SSH is *basically* a secure protocol. Most *NIX boxes come with Telnet & SSH, but look for Telnet to soon disappear.
Same deal with FTP & SFTP. SFTP is FTP over SSH (*basically*).

You will notice no difference by using SFTP over FTP or by using SSH over Telnet, other than you connect to port 22 instead of standard Telnet port 23 BUT network sniffers will

 

[truthteller]

Wow..Thanks Einstein.

 

[Dante]

lander is more then that.. you WANT this guy on your Tech team....the guru of I.T.

 

[RPM]

am i the only person who has no fvcking clue what lander is talking about?

 

[bucsfan67]

<BLOCKQUOTE class="ip-ubbcode-quote"><font size="-1">quote:</font><HR>Originally posted by RPM:
am i the only person who has no fvcking clue what lander is talking about?

<HR></BLOCKQUOTE>


nope.......

 

[silver7]

I`ll have whatever he`s having!

 

[joel2002]

rpm i don't have a clue

 

[SENDITIN]

Nobody can understand a Bush hating communist

 

[GringoinCR]

Thanks for the news alert.

 

[lander]

Well, fortunately for Bush he can disregard this post as there is a small prerequisite of actually knowing the ABC's before one can undertand the SSH protocol.

Oh, for those above *Bush-level* intelligence ... remember a SSHD (Secure Shell Daemon) must actually be running on the remote server (obviously, or you have nothing to connect to).

 

[lander]

No need to be sarcasitc Gringo, it's not *common knowledge* to alot of people. And imagine the headache's of having your 'ROOT' password sniffed during an FTP session.

 

[GringoinCR]

Using root remotely isn't a good idea period. The thing is, the people that know what telnet is, also know what ssh is.

If they don't know what ssh is, they probably don't need to know. They are too concerned with getting the latest version of messenger.

Personally I blame bill for putting computers in everyones houses. It's like handing out guns in school and hoping no one will hurt themselves. Without trojans sitting on clueless computer owners systems, there would be no dos attacks.

 

[truthteller]

That's common knowledge to every tech I know including myself.

It's like betting on sports but don't know what a spread is.

 

[lander]

<BLOCKQUOTE class="ip-ubbcode-quote"><font size="-1">quote:</font><HR>Originally posted by truthteller:
That's common knowledge to every tech I know including myself.

It's like betting on sports but don't know what a spread is.<HR></BLOCKQUOTE>

Sorry, I didn't mean to offend you by helping people

 

[corey]

What program do you use to upload to a remote server?

 

[lander]

Putty has a SFTP client.

It's not a flashy GUI application (more like of command driven app), but it's free & effective.

If you're not familiar with FTP, then really the only commands you'll need are

LCD (ie, >lcd c:\foo) - this changes the direct on your machine (Local Change Directory)
CD (ie, >cd /home/lander/upload) - this changes the directory on the remote server (the FTP server)
BIN - changes the transfer from ASCII to Binary (putty does this for you, but generally it's better to tranfer in binary)
PUT - copies a file from your local machine using the current local directory (set by LCD) to the current directory of the remote server (set by CD). (ie >put ttinco.sux)
GET - copies a file from the remote machine to your local computer (ie >get lander.rules)

 

[TheGeneral+]

I think I got it Lander. Next lesson please.

Thanks

 

[yellowman]

Also mention that SSH v1.x is not secure either...several vulnerabilities. SSH2 is more secure but the average user doesn't even use UNIX or have use for a SSH client, so what does it matter

 

[Java]

Lander-

SSH is the only way to go. I stopped using telnet years ago. Of course, I log into Unix/Linux servers (not that crap from Billy Gates). PC Anywhere was pretty much the "solution" used by people sevicing Windows.

 

[lander]

Good point Yellow Man.