Unsafe practices only invite one serious breach to wake some organisations up. VPN and ssh have been my standard tools used to work remotely on customer systems problems and to gain access to my systems at home from anywhere. Back then when we started shipping SPARC systems, we had one customer, a large UK insurance company whose staff attended our European SHARE conference and on return thought the bulk of our customers who were mainframe users were paranoid. It took almost a complete day of downtime to convince them otherwise. One of their systems programmers had made a change to the system which caused the problem and it was only when he returned to work and looked into the problem, he reversed his change and the system came up. In a mainframe environment someone would have been fired. We had to insist they instituted a change control system and that every change had to be fully documented before, throughout and after any change. Regards Sid. On 27/06/14 20:18, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Friday, 2014-06-27 at 13:29 +0100, Sid Boyce wrote:
misunderstand. I grumble that I'm forced to connect to important, to me, servers using telnet.
I thought telnet was dead decades. I have been using ssh to everything on my network including routers, cable modems, ARM boxes, remote SPARC Enterprise servers, etc.
Mmmm... back on the year 2000, I was working with a group setting up a supervision network for a big telco. One of the things was remote access to old and very expensive machines that didn't know anything about tcp/ip; instead it used local serial port terminals and printers. This were then connected to a special router, and converted to telnet, for remote access.
Telnet, not ssh. Via big intranet, so in theory, someone could snoop.
Some time before, I saw technicians accessing similar machines via phone and modem, without password. Had some bad body found out, and wanted to, and knew how, he could have caused really huge damage, measured in millions of euros.
I'm afraid that a lot of the industry has never used secure practices. Of course, I can only judge by my limited knowledge, I haven't sampled all the industries - LOL.
- -- Cheers, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux)
iEYEARECAAYFAlOtw3wACgkQtTMYHG2NR9UmkQCfUY5mMiXtgZmEcP8qqFlPf2G3 eGUAnjPKIcW7r9UD49lhz1A3qUPLE5TK =UEEN -----END PGP SIGNATURE-----
-- Sid Boyce ... Hamradio License G3VBV, Licensed Private Pilot Emeritus IBM/Amdahl Mainframes and Sun/Fujitsu Servers Tech Support Senior Staff Specialist, Cricket Coach Microsoft Windows Free Zone - Linux used for all Computing Tasks -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org