Text 255, 105 rader
Skriven 2004-10-30 21:36:32 av Andy Ball (8:8/2)
    Kommentar till text 249 av Michel Samson (1:106/2000.0)
Ärende: Telnet Vs SSH
=====================
Hello Michel,

  MS> You fail to take into account the context where an analogy with
    > the "~POP3~ before ~SMTP~" validation method is brought in, i
    > wonder if it's obvious to you what "~POP3~ before ~SMTP~" is
    > implying.  ;-)

Then state this context, don't expect readers to divine it through psychic
means!

  MS> Throughout the years, Authors/SysOps have been acting like
    > MicroSoft $hare holder$, or employee$:  they took for granted
    > that all BBSers are using `Windows' and it's even more specific
    > than that since a BBSer's HardWare should be able to run a `Win
    > 32' OS for ~SSH~/~HTTPS~;

BBS were around for years before MS Windows, and I continue to use software
that knows nothing of MS Windows.  For years I also used a BBS that was run on
a non-PC hardware platform running non-Microsoft system software.  Also note
that SSH and HTTPS are in no way tied to MS Windows.

  MS> There's no need to explore ways to make ~TelNet~ secure with
    > help of ~SSH~ or ~HTTPS~ since authors/SysOps would just remove
    > that LEGACY feature instead but i will because you insist...

I never "insisted" on that, since I already know how to tunnel Telnet through
SSH.  I merely observed that doing so makes little or no sense for most remote
terminal applications (including access to a BBS).

  MS> Lets start with the BBS system from where i'm posting right now.
    > I got "69.75.117.170" when i fed `NSLookUp' with "BBSNets.COM"
    > and then it led to two very distinct results when i used
    > `TraceRt'...

And what makes you think that this is significant?

  MS> I have access to two different ~ISP~s at home so i made this
    > test with both and here's what i found:  my 128 Kbps ~DSL~ feed
    > gives two consistent strings which show up as "bellnexia.net"
    > and "inet.qwest.net" in the listing;

...in the list of hosts that your packets are being routed through?

  MS> ...with my DialUp account there were three of these, somehwere
    > in the listing i got "sogetel.net", "vtl.net" and "level3.net".
    > In both cases, it began with a Domain Name i could associate
    > with the ~ISP~ i used to ~TelNet~ and it ended with what i
    > believe to be the Domain Name of the ~ISP~ which gives access
    > the remote BBS system.

Why do you think that this matters?  Are you talking about the BBS host, or
intermediate systems?

  MS> Now, lets combine with this distinct patern a form of secure
    > validation thru the previous ~SSH~ or ~HTTPS~ session (which
    > took place MINUTES AGO);

Validation for an SSH or HTTPS session probably only lasts for the duration of
that session.  It is not a reasonable basis for anything that happens after
that session has ended.

  MS> ...if i were a SysOp, a validation method as selective as this
    > would sound secure enough for the LEGACY BBSers to use ~TelNet~.
    > In this context, it does make sense, no?

No.

  MS> Anyway, as i explained, ~SSH~/~HTTPS~ and ~TelNet~ ARE available
    > separately, probably under most of the OSes i can think of and
    > even under DOS i might add! I see no reason why i'd be unable to
    > validate thru ~SSH~ and then call a BBS thru unsecure ~TelNet~
    > SoftWare...

I never said that you couldn't.  Tunnelling through an SSH connection is common
practice.  Tunnelling telnet through an SSH connection to a host that is
accessible via SSH to the outside world makes no sense, since in order to
connect you need a working SSH client, which will do the same thing as telnet
in any case!

  MS> So far, once a session is initiated i wouldn't care that my
    > BBSer's ~IP~ is changing as long as his partern is going to be
    > the same.

Define 'partern'.

  MS> Do you still fail to see where the "~POP3~ before ~SMTP~"
    > analogy fits here...

Yes, you have failed to explain what you mean by that.

  MS> i rarely launch `Windows' just to get a message-packet (the wait
    > is very long and is measured in minutes because INet acces under
    > `Windows' would require that i use a Fire-Wall, an Anti-Virus
    > and also an Anti-PopUp, if the only option left is a ~WEB~
    > BBS)...

Use of the Web does not require MS Windows.

- Andy Ball

 * SLMR 2.1a *

--- BBBS/NT v4.01 Flag-5
 # Origin: FamilyNet Sponsored by http://www.christian-wellness.net (8:8/2)
 * Origin: BBS Networks @ www.bbsnets.com 808-839-6036 (1:10/345)