Telnet to circ module?

John M. Morris jmorris at dtx.net
Tue Jul 14 21:39:21 EDT 1998


On Tue, 14 Jul 1998, Karen G. Schneider wrote:

> specifically about security of the circulation data.  The concern was
> expressed that if we are connecting to the circ module via telnet, people
> could, if they wanted to, spy on the data passing to and fro.  Needless to
> say, we wouldn't want that.  I am not expert enough in the telnet protocol

Telnet is completely 'in the clear' as regards security issues.  However
for anyone to sniff anything from the session they would need to be
plugged into one of the LAN segments your packets travel across.  If both
sides are dialed into the same provider their system is the only extra
link in the chain and if you can trust them to a) not sniff packets
themselves and b) run a secure enough network that nobody else is likely
to crack their system and run a packet sniffer then don't worry.
Otherwise you might want to investigate ssh.  I think it lives out on
ftp.replay.com to avoid those pesky U.S. export laws regarding crypto
tools.

John M.      http://www.dtx.net/~jmorris         This post is 100% M$ Free!
Geek code 3.0:GCS C+++ UL++++$ P+++ L+++ W+ N++ w-- Y+ 5+++ R tv- b++ e* r%
===========================================================================
The views expressed certainly don't reflect those of CCC Internet Services.



More information about the Web4lib mailing list