|
Telnet and FTP service
Here is advance warning that as of Monday 22 March 2004 Telnet and FTP
services on Newt will no longer be accessible from the Internet. Telnet
and FTP access from within Physics will remain untouched for the time
being. This brings Newt in line with the other workstations within
the School such as Ugrad, Lizard, and Astro, and most other computers on
the Internet where security matters.
The reasons for shutting down Telnet and FTP access to Newt from
untrusted networks include:
- User names and passwords are transmitted over the wire unencrypted.
Third parties can (and do) compromise accounts by intercepting login
details.
- The alternative and more secure SSH protocol has gained widespread
acceptance. All modern *NIX systems (GNU/Linux, *BSD, MacOS X) come
with SSH support 'out of the box', and there are a number of decent SSH
clients for Windows 2000/XP and old MacOS systems prior to MacOS X. Refer
to the Secure Shell
page for information.
- Logs indicate that most people are using SSH and SFTP already, which is
great. Most FTP and Telnet users are would-be hackers and virus software
on the Internet. We are routinely bombarded by brute-force login
attempts via Telnet and FTP aimed at various login accounts---merely
supporting these insecure services makes us a target.
Remember, only access to Telnet and FTP from the Internet is being
withdrawn---local access from Physics will not be affected. Having said this,
all users are strongly encouraged to use SSH and SFTP no matter where they
connect from.
This change does not affect the ability of Dreamweaver users
in Old Main Building to transfer files to and from Newt via FTP.
You might like to visit
SFTP
bridge section of our Secure Shell page for information on using regular FTP
clients with a secure tunnel.
Links
Here are links relevant to this notice:
- Secure Shell page
(includes links to download SSH/SFTP software)
|
