[ Thanks to Fred Mobach
for this link. ]
“Security on the Internet today is becoming a hot topic. Whereas
only a decade ago the number of break-ins to sites was relatively
small, today, as companies realize that being unconnected is akin
to being out-of-business, the number of attacks and break-ins have
skyrocketed. Many times, a break-in occurs because of insecure
communications within a corporate network or from a service
provider. Almost all communications in computer networks are
unencrypted. Because of this, anyone who has access to a machine
connected to a network can sniff, or spy, on the communications
occurring on the network.”
“When a user logs into a network through telnet the password is
sent across as plain text. This fact is easily exploitable by an
attacker to use existing accounts to further an infiltration
attempt into a network. Once access has been gained to a network,
the contents of that network and it’s integrity become suspect.
Other attack methods can be used to gain network access as well.
These methods include connection hijacking and route spoofing. In
order to protect and secure networks and systems, encrypted
communication along with cryptographic authentication are required.
These properties help protect the integrity of a communication
session. This is where Secure Shell excels.”
“In this article, we will examine the installation and
configuration of Secure Shell V 1.2.27. This version of the
software is available under the GNU GPL. Secure Shell V. 2.0.13 is
no longer available under the GNU GPL and is only available for
unlicensed use by non- commercial organizations. The Secure Shell
software has become the standard for secure, encrypted
communication.”