Dear Ones:
How to secure the telnet session against the sniffer softwares in windows 2k server, please explain briefly
regards
prem
Printable View
Dear Ones:
How to secure the telnet session against the sniffer softwares in windows 2k server, please explain briefly
regards
prem
Try using a secure shell server instead, telnet is insecure by design as it sends data unencrypted including passwords.
Googled secure shell serves for you
Google seach for secure shell servers
If you are the client and not the server it is even easier, just get a secure shell client such as 'putty' .
One thing I wondered but have not had time yet to test...Quote:
If you are the client and not the server it is even easier, just get a secure shell client such as 'putty' .
If you use a secure client such as putty... and you connect to telnet.
Your session will still be clear text, right?
That would make sense, becuase the keys are never set and the telnet sever wouldn't know what to do with the encyrpted data.
Yes, it would still be plain text , you do have to connect using the secure shell (SSH) protocol to the SSH port (22).
You can use putty just as a telnet client, but it would still be insecure, sorry I can see how I made that unclear.
If you actualy tried to connect using the secure shell protcol but set the port to 23 (telnet) not 22 (ssh) I think it would probably fail to connect.
How to configure SSH in win2k server??????
Even if it is in SSH utilities like CAIN can decode it, how to prevent that???
Are you talking about configuring your Windows 2000 Server to accept an SSH connection? As far as I know, you're going to have to get a third-party program to set up an SSH server. I prefer Van Dyke's VShell. I currently have it configured on one of my Windows 2003 Servers, and I'm in the process of setting up the *nix Beta of VShell on a Red Hat box. I've been very happy with it.
AJ
If some program such as CAIN (think I found the right thing) are decoding enrypted data it is usually by brute force, this takes a long time to do.
I expect there is a way of getting SSH to use longer ecryption keys, I don't have any experience with doing that I am afraid. But the general rule is the longer the key the longer it takes to crack, it is just a trade off between time/security and convenience.
while i was checking my password strength Cain in P4 512 megs system took 33 hours to crack this password the password i choosed was kLing!@(), it was a NTLM Hash
Why are you using telnet? You could just as easily use e-mail, FTP, or VPN, depending on the intended use of the connection.