[Info-vax] Is Eisner down?
Bill Gunshannon
bill at server3.cs.scranton.edu
Thu Dec 5 08:34:39 EST 2013
In article <l7psl1$2b3$1 at lnx107.hrz.tu-darmstadt.de>,
m.kraemer at gsi.de (Michael Kraemer) writes:
> In article <bgb8spFb5thU1 at mid.individual.net>, bill at server3.cs.scranton.edu
> (Bill Gunshannon) writes:
>>
>> How about at your ISP? Do you trust them unconditionally?
>
> Well, with the same logic I could stop using email
> because NSA might be reading it.
> There's always some risk somewhere.
The risk of NSA snooping is causing more people to end to end encrypt
their email. Which is even one step higher. I'm not that paranoid
yet. I can just sit back and rest on the fact that if the NSA is
reading my emails there are a lot of inteligence analysts noding off
cause my emails must be the most boring in the world. :-)
But when you come down to it, who has more to gain, the NSA or some
kid at Verizon who is hoping to find things like creditcard numbers
and account numbers stored on people's computers.
>
>>
>> Well, I thought there were versions of Multinet for older VMS versions.
>>
>
> so one has to buy and install/maintain an extra product
> vs simply typing "telnet".
If one is security conscious, yes. Isn't the whole purpose of Multinet's
existence to fill in the gaps left by VMS TCP/IP package?
>
>
>> The only other one I can talk about is OS-9 as I do that a lot. Not
>> much in the line of networking on the 6809. :-) I can connect it to
>> the INTERNET, even run a webserver on it, but it all goes thru a PC
>> gateway so the network has whatever security is provided by the PC.
>
> again: and additional level of complexity
Without which my systems would not be connected to a network, so without
it the point is moot cause I couldn't "simply type telnet".
> (which you usually try to avoid in real time data processing)
> vs simply typing telnet.
Not all OS-9 systems are doing actual real-time. :-)
>
>> > Not all environments are such malignant as your university.
>>
>> Very bad assumption. Insider threats are seen as much more of a problem
>> than outsider threats today if for no other reason than you have invited
>> them in past your first level of security.
>
> You always have to assess risk vs inconvenience.
> Mileages vary.
That's true, but I have the priviledge of being the administrator and can
force the issue within my domain (when my department ran its own wireless
everything was encrypted. the current status quo is not my design or my
choice.)
>
>>
>> > No, I won't let go telnet at this time.
>>
>> Your choice, but I will never run it again.
>
> I'm not recommending telnet everywhere,
> especially not on WANs, most firewalls block it anyway.
True, mine do. And starting in January plain ftp, too.
> But there are environments where its use may be justified.
>
>> And at the end of this
>> semester I have finally convinced them to drop the last hole in the
>> security scheme. No more FTP. Only SFTP will be supported.
>
> wonder how you will download bits and pieces from anonymous FTP servers.
What's that? :-) Most is done by HTTP today. And I don't block any
protocol going out. I don't care if someone steals your GMAIL password.
I only care about securing my servers and not letting those passwords
get loose. It's hard enough keeping students from freely giving them
out on the INTERNET without leaving simple methods for surreptitious
collection.
bill
--
Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves
billg999 at cs.scranton.edu | and a sheep voting on what's for dinner.
University of Scranton |
Scranton, Pennsylvania | #include <std.disclaimer.h>
More information about the Info-vax
mailing list