• Web access, false BBS ID

    From Michel Samson@1:106/2000 to Andy Ball on Wed Oct 27 23:00:02 2004
    Hi Andy,

    About "Web BBS" of October 27:

    Are there any web-access BBSs, other than EleWeb...
    Take a peek into the `FdN_SysOp.Rights' echo... ...October 13...
    ...the obvious lack of security is what i'd call a deterrent, in
    favour of plain old DialUp/~TelNet~ BBSing, i mean...
    How is this any more secure than an unencrypted HTTP connection?
    ...BBSers like me who don't know how to steal PassWords do have a
    way to steal identities! We're in perfect agreement over ~SSH~,
    not the removal of ~TelNet~. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    It was bound to happen, eventually.

    I guess this event can be classified according to the laws of chaos
    but other natural laws will predict that all good things come to an end!

    %-)

    What's the hole? I don't see it. ...that's nothing new...
    Sysops seem pretty thin on the ground these days...

    Considering the apparent lack of concern from authors/SysOps on who
    the BBSers depended for their SoftWare when the whole BBS community went
    thru the ~TelNet~ transition, euh... relatively to a most basic feature
    of DialUp BSSing (file-transfer!), euh... Pardon my negativism but it's
    not tempting to leave such people too much ground so that this adventure
    is repeated in the same exclusive fashion again! Important things which
    ~WEB~ BBSes must address first are treated last, it seems; that's how a stranger's name replaced mine! It never happened when using ~TelNet~...

    %-o

    If I were to set up a BBS with Internet access, SSH is probably the approach that I would take. Web-based BBS have their place too.

    I'd make the UpGrade Path INCLUSIVE. I'm thinking of a scheme like
    ~POP3~ before ~SMTP~ but with a twist; i'd keep ~TelNet~ but require my
    LEGACY users to validate using ~SSH~ and then grant ~TelNet~ access only
    after the ~IP~ address is approved... I can live with innovations since ~TelNet~ can be secure enough if combined with ~SSH~/~HTTPS~ and i might
    even imagine other ways to adapt plain old ~TelNet~ sessions without any
    newer protocols (via additionnal security macros/utilities, perhaps?)...

    %^)

    Telnet clients are ubiquitous, the fact that they come as standard equipment with most operating system software, and are available for
    more besides (including DOS) counts in favour of telnet.

    Now that we begin to get ~TelNet~ clients with decent file-transfer support (after years of waiting) lets enjoy what's here, i would say!...

    :)

    Whether to allow the use of an insecure protocol to access the BBS
    is ultimately the sysop's decision.

    And a BBSer's choice, as well. I'm a relatively young BBSer but it
    isn't acceptable to have multiple identities (nor aliases) on `FidoNet';
    i'd know what MY option is should the matter become a major problem! My previous reply followed this logic, in a way: we always have the option
    of informing the authors/SysOps about security issues we come to notice.

    Salutations, :)

    Michel Samson
    a/s Bicephale
    http://public.sogetel.net/bicephale/


    ... `MS-DOS v7.10a'+`LSPPP v0.8'+`RLFossil v1.23'+`MS-Kermit v3.15 Med.'
    ___ MultiMail/MS-DOS v0.45 - Numbers make BBSing UNIVERSAL, not sugar...
    --- Maximus/2 3.01
    * Origin: COMM Port OS/2 juge.com 204.89.247.1 (281) 980-9671 (1:106/2000)
  • From haliphax@1:2800/18 to Michel Samson on Thu Oct 28 16:21:00 2004
    is repeated in the same exclusive fashion again! Important things which ~WEB~ BBSes must address first are treated last, it seems; that's how a stranger's name replaced mine! It never happened when using ~TelNet~...

    uhm... i think that's just a coincidence. it would have been just as easy,
    if i understand the situation now, to have used your name on another telnet
    bbs that is a part of fidonet.

    -todd

    |07 --haliphax |15//|07rMRS
    |02 cotm.dyndns.org
    |07 vanguard mods
    --- Mystic BBS v1.07.3 (Win32)
    * Origin: constipation of the mind :: cotm.dyndns.org (1:2800/18)
  • From MICHEL SAMSON@1:10/345 to ANDY BALL on Thu Oct 28 23:33:00 2004
    Hi Andy,

    About "TelNet vs SSH" of October 28:

    Are there any web-access BBSs, other than EleWeb...
    ...the obvious lack of security is what i'd call a deterrent, in
    favour of plain old DialUp/~TelNet~ BBSing, i mean...
    How is this any more secure than an unencrypted HTTP connection?
    We're in perfect agreement over ~SSH~, not the removal of ~TelNet~.
    Sysops seem pretty thin on the ground these days...
    ...it's not tempting to leave such people too much ground...
    What telnet transition?

    Well, for some people, not everyone, euh... the total disapearance
    of local DialUp BBSes didn't take place without being noticed; for some
    BBSers among the others, the transition to ~TelNet~ was relatively easy.

    %-b,

    A couple years suffice, in absence of any help. The real challenge
    was ~OLMR~ BBSing which depended on the availability of ~TelNet~ clients
    with suitable `ZMoDem' support, as far as i'm concerned. Of course, for
    some people, not everyone, euh... SoftWare/HardWare may be an issue but
    others will argue this is only marginal. And now, for the ones who must
    cope with transitions on their own, euh... there's more to come: ~WEB~
    access (which may go unnoticed by some people but not everyone) and then
    ~SSH~ (idem). Considering the increasing number of these transitions, i shouldn't be surprized that you must happen to wonder about which it is!

    ;-)

    AB} After reading this paragraph several times I /think/ I understand...
    ...use English more simply, you may end up with more readable...

    More than once! In that case i shall make my posts *LESS* legible!

    8-)

    I'd make the UpGrade Path INCLUSIVE. I'm thinking of a scheme like
    ~POP3~ before ~SMTP~... ...i'd keep ~TelNet~ but require my LEGACY
    users to validate using ~SSH~ and then grant ~TelNet~ access only
    after the ~IP~ address is approved...
    Please explain... That would not work for the many, many people who
    are assigned IP addresses dynamically...
    ^^^^^^^^^^^
    Instead of "like" i should have wrote "similar" as i wouldn't agree
    to depend on ~E-Mail~ myself (not before i tried some sturdier methods)!

    :)

    Indeed, but i haven't tried to determine on which criteria the ~IP~ address should be approved just yet. What about Domain Names? This was
    only meant as an alternative to accomodate BBSers who must connect using
    ~SSH~ then ~TelNet~ *SEPARATELY*, for some reason... The BBSer could be requested to connect through a recognized access to retain his privilege
    and, since the number of ~ISP~s increases while more BBSers quit all the
    time, euh... the likelihood that BSS hackers who got the same ~ISP~ may
    try to steal my identity got slim (and French-Canadian BBSers are rare)!

    ...~TelNet~ can be secure enough if combined with ~SSH~/~HTTPS~...
    Combining them is odd.

    Combining them would accomodate BBSers who can't use file transfers
    over a same ~SSH~ session but who could ~SSH~ then ~TelNet~, separately.

    To accomodate BBSers when there's only a few left isn't that "odd".

    Why reinvent the wheel?

    Yes, that's one question i keep asking myself all the time when the
    file transfers over ~TelNet~ problem is on topic!!! Authors/SysOps need
    to play with new stuff but why break the UpGrade Path and impose on us?!

    :(

    Those who promote ~WEB~-based interfacing to .QWK doors help BBSing
    but not when something as basic as identity is overlooked, unless it's a
    world where the only users left are all SysOps who have lost control and
    who just can't cut each other's feeds without hurting `FdN' to death!...

    %-b,

    Salutations,

    Michel Samson
    a/s Bicephale
    http://public.sogetel.net/bicephale/


    ... I BBS using LEGACY DOS+TCP/IP+TelNet+ZMoDem/Kermit+.QWK technologies
    --- MultiMail/MS-DOS v0.45 - Trying to make TelNet OLMR BBSing UNIVERSAL
    * Origin: BBS Networks @ www.bbsnets.com 808-839-6036 (1:10/345)
  • From haliphax@1:2800/18 to MICHEL SAMSON on Fri Oct 29 13:19:00 2004
    cope with transitions on their own, euh... there's more to come: ~WEB~ access (which may go unnoticed by some people but not everyone) and then ~SSH~ (idem). Considering the increasing number of these transitions, i shouldn't be surprized that you must happen to wonder about which it is!

    uhm.. the transition to ssh from telnet is practically nothing. the technologies are strikingly similar. i just look at ssh like a secure telnet session. it has the same ansi graphics, etc...

    -todd

    |07 --haliphax |15//|07rMRS
    |02 cotm.dyndns.org
    |07 vanguard mods
    --- Mystic BBS v1.07.3 (Win32)
    * Origin: constipation of the mind :: cotm.dyndns.org (1:2800/18)
  • From Michel Samson@1:106/2000 to Andy Ball on Sat Oct 30 06:43:00 2004
    Hi Andy,

    About "TelNet vs SSH" of October 29:

    Are there any web-access BBSs, other than EleWeb...
    ...the obvious lack of security is what i'd call a deterrent, in
    favour of plain old DialUp/~TelNet~ BBSing, i mean...
    How is this any more secure than an unencrypted HTTP connection?
    We're in perfect agreement over ~SSH~, not the removal of ~TelNet~.
    Sysops seem pretty thin on the ground these days...
    ...it's not tempting to leave such people too much ground...
    What telnet transition?
    ...total disapearance of local DialUp BBSes... The real challenge
    was ~OLMR~ BBSing which depended on the availability of ~TelNet~
    clients with suitable `ZMoDem' support... ...for the ones who must
    cope with transitions on their own... there's more to come...
    You make it sound as though users are being forced to progress
    through dial-up -> Telnet -> Web -> SSH, which is nonsense.

    You fail to take into account the context where an analogy with the "~POP3~ before ~SMTP~" validation method is brought in, i wonder if it's obvious to you what "~POP3~ before ~SMTP~" is implying. ;-) Throughout
    the years, Authors/SysOps have been acting like MicroSoft $hare holder$,
    or employee$: they took for granted that all BBSers are using `Windows'
    and it's even more specific than that since a BBSer's HardWare should be
    able to run a `Win 32' OS for ~SSH~/~HTTPS~; i've lived thru times when
    there were no other way to get `ZMoDem'/~TelNet~, ~WEB~ access, ~SSH~ or ~HTTPS~ than to launch `Win 32', i mean... Each time the authors/SysOps discover a new standard they fail to ensure that it doesn't break what i
    call the "UpGrade Path" and *THAT* is what sounds like "nonsense" to me.

    None are compulsory and there is certainly no need to progress
    through them in any kind of sequence. Do you suggest that the user
    is authenticated on the basis of a static IP address? Perhaps you
    meant once each session, but you have still not explained what
    mechanisms you would use for authentication and encryption.

    I missed the point, really? 1st, the time-scale is over years when
    i discuss "transitions" like going ~TelNet~ because there's no BBS left;
    the time-scale is over minutes when the topic is about validation in the "~POP3~ before ~SMTP~" fashion. There's no need to explore ways to make ~TelNet~ secure with help of ~SSH~ or ~HTTPS~ since authors/SysOps would
    just remove that LEGACY feature instead but i will because you insist...

    ...i haven't tried to determine on which criteria the ~IP~ address
    should be approved just yet. What about Domain Names?
    What about them? Do you expect BBS users to register a domain name
    just so that they can connect to a BBS?

    I'd be a monster and a fraud if i were to promote BBSing like this!

    This was only meant as an alternative to accomodate BBSers who must
    connect using ~SSH~ then ~TelNet~ *SEPARATELY*, for some reason...
    What reason? Describe a scenario in which this makes sense.

    Lets start with the BBS system from where i'm posting right now. I
    got "69.75.117.170" when i fed `NSLookUp' with "BBSNets.COM" and then it
    led to two very distinct results when i used `TraceRt'... I have access
    to two different ~ISP~s at home so i made this test with both and here's
    what i found: my 128 Kbps ~DSL~ feed gives two consistent strings which
    show up as "bellnexia.net" and "inet.qwest.net" in the listing; with my
    DialUp account there were three of these, somehwere in the listing i got "sogetel.net", "vtl.net" and "level3.net". In both cases, it began with
    a Domain Name i could associate with the ~ISP~ i used to ~TelNet~ and it
    ended with what i believe to be the Domain Name of the ~ISP~ which gives
    access the remote BBS system. Forget about the exact ~IP~s and focus on paterns which can be recognized time after time after time when the user connects to the ~TelNettable~ BBS via his ~ISP~. Now, lets combine with
    this distinct patern a form of secure validation thru the previous ~SSH~
    or ~HTTPS~ session (which took place MINUTES AGO); if i were a SysOp, a validation method as selective as this would sound secure enough for the
    LEGACY BBSers to use ~TelNet~. In this context, it does make sense, no?

    ...accomodate BBSers who can't use file transfers over a same ~SSH~
    session but who could ~SSH~ then ~TelNet~, separately.
    It may also be possible to use traditional BBS file transfer
    protocols such as XModem, Kermit etc. over an SSH connection.

    Human perception is amazing. Anyway, as i explained, ~SSH~/~HTTPS~
    and ~TelNet~ ARE available separately, probably under most of the OSes i
    can think of and even under DOS i might add! I see no reason why i'd be
    unable to validate thru ~SSH~ and then call a BBS thru unsecure ~TelNet~ SoftWare, given the validation scheme i have in mind can be supported...

    ;-)

    So far, once a session is initiated i wouldn't care that my BBSer's
    ~IP~ is changing as long as his partern is going to be the same. Do you
    still fail to see where the "~POP3~ before ~SMTP~" analogy fits here, or
    must we argue further over something which we both know won't happen?...

    `Zap-O-Com' would allow that but this is a `Win 32' application and
    i rarely launch `Windows' just to get a message-packet (the wait is very
    long and is measured in minutes because INet acces under `Windows' would require that i use a Fire-Wall, an Anti-Virus and also an Anti-PopUp, if
    the only option left is a ~WEB~ BBS)... All this HardWare and SoftWare,
    just for a message-packet! How can i say, it's like driving a 10 wheels
    heavy truck to go buy chips at the local store! Access to our hobby can
    be made simpler for BBSers, SysOps should ensure smoother UpGrade Paths.

    Salutations, ;-)

    Michel Samson
    a/s Bicephale
    http://public.sogetel.net/bicephale/


    ... W32/WSock+DSL+COM/IP+DOS/Int-14+MS-Kermit+.QWK are LEGACY inclusive.
    ___ MultiMail/MS-DOS v0.45 - It could make TelNet OLMR BBSing UNIVERSAL!
    --- Maximus/2 3.01
    * Origin: COMM Port OS/2 juge.com 204.89.247.1 (281) 980-9671 (1:106/2000)
  • From Jon Watson@1:134/703 to haliphax on Thu Oct 28 23:20:14 2004
    ======>>> haliphax, 1:2800/18 wrote:

    Originally to: Michel Samson

    is repeated in the same exclusive fashion again!á Important things which ~WEB~ BBSes must address first are treated last, it seems;á that's how a stranger's name replaced mine!á It never happened when using ~TelNet~...

    uhm... i think that's just a coincidence. it would have been just as easy,
    if i understand the situation now, to have used your name on another telnet
    bbs that is a part of fidonet.

    -todd

    |07á á á--haliphax |15//|07rMRS
    |02á á á cotm.dyndns.org
    |07á á á ávanguard mods

    <<<====== end quote


    Yes! Exactly my point since the beginning. It's so painfully obvious to me that
    I thought I might have missed something and that wasn't what everyone was talking- about, but apparently not.

    This thread has outlived it's usefulness.
    -FOTW: read your
    Fidonet On The Web!
    http://www.theheatsinkbbs.ca :=-
    --- Internet Rex 2.29
    * Origin: The gateway at The HeatSink BBS (1:134/703)
  • From Stephen Hurd@1:140/17 to Michel Samson on Sat Oct 30 20:24:01 2004
    Re: Web access, false BBS ID
    By: Michel Samson to Andy Ball on Sat Oct 30 2004 05:43:00

    able to run a `Win 32' OS for ~SSH~/~HTTPS~; i've lived thru times when there were no other way to get `ZMoDem'/~TelNet~, ~WEB~ access, ~SSH~ or ~HTTPS~ than to launch `Win 32', i mean... Each time the authors/SysOps discover a new standard they fail to ensure that it doesn't break what i call the "UpGrade Path" and *THAT* is what sounds like "nonsense" to me.

    Considering the fact that the worlds first Telnet server and client were written for UNIX and released as open source, and that the same is true for ZModem makes it very hard for me to believe that no OS except for Win32 was capable of this.

    If you mean from (Which I assume you do) that's probobly because DOS is dead.

    By dead of course, I mean the vendor no longer sells nor supports it - not that nobody uses it (The last number I saw was 100 million in year 2000)

    authors/SysOps have no need to support old platforms unless they specifically want to. Computers with 40-column displays for example stopped being supported on BBSs in the late 80s... except of course for the ones specifically targeting that group.

    It's also quite difficult to find new parts for Edsels. Why? Because they don't make, sell, or "support" them anymore.
    --- SBBSecho 2.10-FreeBSD
    * Origin: FreeBSD Synchronet - telnet://FreeBSD.synchro.net (1:140/17)
  • From MICHEL SAMSON@1:10/345 to ANDY BALL on Sun Oct 31 07:53:00 2004
    Hi Andy,

    About "Telnet Vs SSH" of Octobre 30:

    You fail to take into account the context...
    ...don't expect readers to divine it through psychic means! Also
    note that SSH and HTTPS are in no way tied to MS Windows.

    Oh! My crysal ball shows you're becoming somewhat apprehensive, as
    if your life would depend on it! Why must you keep making me look as if
    i made a statement or another and then steer topics in all directions?!?

    8-o

    Validation for an SSH or HTTPS session probably only lasts for the
    duration of that session. It is not a reasonable basis for anything
    that happens after that session has ended.

    I appreciate the expert way in which you illustrate it, it's just i
    don't try to make ~TelNet~ secure - only safer!... Anyway, i favour the prolonged support of this protocol, not a revision of it. The objection
    over UserNames/PassWords being sent legibly over ~TelNet~ was noted, you
    got my reply. Yet, the validation step can be done elsewhere via ~SSH~.

    That's it! I guess you got "combining" translated to the letter...

    I see no reason why i'd be unable to validate thru ~SSH~ and then
    call a BBS thru unsecure ~TelNet~ SoftWare...
    AB} I never said that you couldn't.

    I sense a trace of irritation while LEGACY BBSers are mentioned, my reading of your late post tells me you're getting frustrated because our
    little chat suffers from noise. I never wrote that you said i couldn't,
    and you didn't hear me say so - unless your mental powers were at work!?

    Tunnelling through an SSH connection is common practice.
    Use of the Web does not require MS Windows.

    Who wants to "Tunnel"? It's OKay if "~POP3~ before ~SMTP~" doesn't
    remind you of anything... Andy, i don't get paid to have correspondance
    on `FidoNet' and the intervention i addressed to mister Gordon was meant
    to mention a failure observed on a ~WEB~-based BBS system. I'll have to
    ignore the rest, i find futile to correct more assertions about what i'm supposed to think! My .QWK message-packets don't need to go thru ~SSH~.

    Salutations,

    Michel Samson
    a/s Bicephale


    ... I BBS using LEGACY DOS+TCP/IP+TelNet+ZMoDem/Kermit+.QWK technologies
    --- MultiMail/MS-DOS v0.45 - It could make TelNet OLMR BBSing UNIVERSAL!
    * Origin: BBS Networks @ www.bbsnets.com 808-839-6036 (1:10/345)
  • From Greg Goodwin@1:10/345 to Michel Samson on Sun Oct 31 11:51:50 2004
    Well, interesting conversation.

    So exactly how insecure is a telnet connection? :)

    Doc Clu


    Hi Andy,
    About "Telnet Vs SSH" of Octobre 30:
    You fail to take into account the context...
    ...don't expect readers to divine it through psychic means! Also
    note that SSH and HTTPS are in no way tied to MS Windows.
    Oh! My crysal ball shows you're becoming somewhat apprehensive, as
    if your life would depend on it! Why must you keep making me look as if
    i made a statement or another and then steer topics in all directions?!?
    8-o
    Validation for an SSH or HTTPS session probably only lasts for the
    duration of that session. It is not a reasonable basis for anything
    that happens after that session has ended.
    I appreciate the expert way in which you illustrate it, it's just i
    don't try to make ~TelNet~ secure - only safer!... Anyway, i favour the prolonged support of this protocol, not a revision of it. The objection
    over UserNames/PassWords being sent legibly over ~TelNet~ was noted, you
    got my reply. Yet, the validation step can be done elsewhere via ~SSH~. That's it! I guess you got "combining" translated to the letter...
    I see no reason why i'd be unable to validate thru ~SSH~ and then
    call a BBS thru unsecure ~TelNet~ SoftWare...
    AB} I never said that you couldn't.
    I sense a trace of irritation while LEGACY BBSers are mentioned, my
    reading of your late post tells me you're getting frustrated because our little chat suffers from noise. I never wrote that you said i couldn't,
    and you didn't hear me say so - unless your mental powers were at work!?
    Tunnelling through an SSH connection is common practice.
    Use of the Web does not require MS Windows.
    Who wants to "Tunnel"? It's OKay if "~POP3~ before ~SMTP~" doesn't
    remind you of anything... Andy, i don't get paid to have correspondance
    on `FidoNet' and the intervention i addressed to mister Gordon was meant
    to mention a failure observed on a ~WEB~-based BBS system. I'll have to ignore the rest, i find futile to correct more assertions about what i'm supposed to think! My .QWK message-packets don't need to go thru ~SSH~. Salutations,
    Michel Samson
    a/s Bicephale
    ... I BBS using LEGACY DOS+TCP/IP+TelNet+ZMoDem/Kermit+.QWK technologies
    --- BBBS/NT v4.01 Flag-5
    # Origin: FamilyNet Sponsored by http://www.christian-wellness.net (8:8/2)
    * Origin: BBS Networks @ www.bbsnets.com 808-839-6036 (1:10/345)
  • From Greg Goodwin@1:10/345 to Michel Samson on Sun Oct 31 11:51:52 2004
    Well, interesting conversation.

    So exactly how insecure is a telnet connection? :)

    Doc Clu


    Hi Andy,
    About "Telnet Vs SSH" of Octobre 30:
    You fail to take into account the context...
    ...don't expect readers to divine it through psychic means! Also
    note that SSH and HTTPS are in no way tied to MS Windows.
    Oh! My crysal ball shows you're becoming somewhat apprehensive, as
    if your life would depend on it! Why must you keep making me look as if
    i made a statement or another and then steer topics in all directions?!?
    8-o
    Validation for an SSH or HTTPS session probably only lasts for the
    duration of that session. It is not a reasonable basis for anything
    that happens after that session has ended.
    I appreciate the expert way in which you illustrate it, it's just i
    don't try to make ~TelNet~ secure - only safer!... Anyway, i favour the prolonged support of this protocol, not a revision of it. The objection
    over UserNames/PassWords being sent legibly over ~TelNet~ was noted, you
    got my reply. Yet, the validation step can be done elsewhere via ~SSH~. That's it! I guess you got "combining" translated to the letter...
    I see no reason why i'd be unable to validate thru ~SSH~ and then
    call a BBS thru unsecure ~TelNet~ SoftWare...
    AB} I never said that you couldn't.
    I sense a trace of irritation while LEGACY BBSers are mentioned, my
    reading of your late post tells me you're getting frustrated because our little chat suffers from noise. I never wrote that you said i couldn't,
    and you didn't hear me say so - unless your mental powers were at work!?
    Tunnelling through an SSH connection is common practice.
    Use of the Web does not require MS Windows.
    Who wants to "Tunnel"? It's OKay if "~POP3~ before ~SMTP~" doesn't
    remind you of anything... Andy, i don't get paid to have correspondance
    on `FidoNet' and the intervention i addressed to mister Gordon was meant
    to mention a failure observed on a ~WEB~-based BBS system. I'll have to ignore the rest, i find futile to correct more assertions about what i'm supposed to think! My .QWK message-packets don't need to go thru ~SSH~. Salutations,
    Michel Samson
    a/s Bicephale
    ... I BBS using LEGACY DOS+TCP/IP+TelNet+ZMoDem/Kermit+.QWK technologies
    --- BBBS/NT v4.01 Flag-5
    # Origin: FamilyNet Sponsored by http://www.christian-wellness.net (8:8/2)
    * Origin: BBS Networks @ www.bbsnets.com 808-839-6036 (1:10/345)
  • From Greg Goodwin@1:10/345 to Michel Samson on Sun Oct 31 11:51:54 2004
    Well, interesting conversation.

    So exactly how insecure is a telnet connection? :)

    Doc Clu


    Hi Andy,
    About "Telnet Vs SSH" of Octobre 30:
    You fail to take into account the context...
    ...don't expect readers to divine it through psychic means! Also
    note that SSH and HTTPS are in no way tied to MS Windows.
    Oh! My crysal ball shows you're becoming somewhat apprehensive, as
    if your life would depend on it! Why must you keep making me look as if
    i made a statement or another and then steer topics in all directions?!?
    8-o
    Validation for an SSH or HTTPS session probably only lasts for the
    duration of that session. It is not a reasonable basis for anything
    that happens after that session has ended.
    I appreciate the expert way in which you illustrate it, it's just i
    don't try to make ~TelNet~ secure - only safer!... Anyway, i favour the prolonged support of this protocol, not a revision of it. The objection
    over UserNames/PassWords being sent legibly over ~TelNet~ was noted, you
    got my reply. Yet, the validation step can be done elsewhere via ~SSH~. That's it! I guess you got "combining" translated to the letter...
    I see no reason why i'd be unable to validate thru ~SSH~ and then
    call a BBS thru unsecure ~TelNet~ SoftWare...
    AB} I never said that you couldn't.
    I sense a trace of irritation while LEGACY BBSers are mentioned, my
    reading of your late post tells me you're getting frustrated because our little chat suffers from noise. I never wrote that you said i couldn't,
    and you didn't hear me say so - unless your mental powers were at work!?
    Tunnelling through an SSH connection is common practice.
    Use of the Web does not require MS Windows.
    Who wants to "Tunnel"? It's OKay if "~POP3~ before ~SMTP~" doesn't
    remind you of anything... Andy, i don't get paid to have correspondance
    on `FidoNet' and the intervention i addressed to mister Gordon was meant
    to mention a failure observed on a ~WEB~-based BBS system. I'll have to ignore the rest, i find futile to correct more assertions about what i'm supposed to think! My .QWK message-packets don't need to go thru ~SSH~. Salutations,
    Michel Samson
    a/s Bicephale
    ... I BBS using LEGACY DOS+TCP/IP+TelNet+ZMoDem/Kermit+.QWK technologies
    --- BBBS/NT v4.01 Flag-5
    # Origin: FamilyNet Sponsored by http://www.christian-wellness.net (8:8/2)
    * Origin: BBS Networks @ www.bbsnets.com 808-839-6036 (1:10/345)
  • From Greg Goodwin@1:10/345 to Michel Samson on Sun Oct 31 11:51:56 2004
    Well, interesting conversation.

    So exactly how insecure is a telnet connection? :)

    Doc Clu


    Hi Andy,
    About "Telnet Vs SSH" of Octobre 30:
    You fail to take into account the context...
    ...don't expect readers to divine it through psychic means! Also
    note that SSH and HTTPS are in no way tied to MS Windows.
    Oh! My crysal ball shows you're becoming somewhat apprehensive, as
    if your life would depend on it! Why must you keep making me look as if
    i made a statement or another and then steer topics in all directions?!?
    8-o
    Validation for an SSH or HTTPS session probably only lasts for the
    duration of that session. It is not a reasonable basis for anything
    that happens after that session has ended.
    I appreciate the expert way in which you illustrate it, it's just i
    don't try to make ~TelNet~ secure - only safer!... Anyway, i favour the prolonged support of this protocol, not a revision of it. The objection
    over UserNames/PassWords being sent legibly over ~TelNet~ was noted, you
    got my reply. Yet, the validation step can be done elsewhere via ~SSH~. That's it! I guess you got "combining" translated to the letter...
    I see no reason why i'd be unable to validate thru ~SSH~ and then
    call a BBS thru unsecure ~TelNet~ SoftWare...
    AB} I never said that you couldn't.
    I sense a trace of irritation while LEGACY BBSers are mentioned, my
    reading of your late post tells me you're getting frustrated because our little chat suffers from noise. I never wrote that you said i couldn't,
    and you didn't hear me say so - unless your mental powers were at work!?
    Tunnelling through an SSH connection is common practice.
    Use of the Web does not require MS Windows.
    Who wants to "Tunnel"? It's OKay if "~POP3~ before ~SMTP~" doesn't
    remind you of anything... Andy, i don't get paid to have correspondance
    on `FidoNet' and the intervention i addressed to mister Gordon was meant
    to mention a failure observed on a ~WEB~-based BBS system. I'll have to ignore the rest, i find futile to correct more assertions about what i'm supposed to think! My .QWK message-packets don't need to go thru ~SSH~. Salutations,
    Michel Samson
    a/s Bicephale
    ... I BBS using LEGACY DOS+TCP/IP+TelNet+ZMoDem/Kermit+.QWK technologies
    --- BBBS/NT v4.01 Flag-5
    # Origin: FamilyNet Sponsored by http://www.christian-wellness.net (8:8/2)
    * Origin: BBS Networks @ www.bbsnets.com 808-839-6036 (1:10/345)
  • From Greg Goodwin@1:10/345 to Michel Samson on Sun Oct 31 11:51:58 2004
    Well, interesting conversation.

    So exactly how insecure is a telnet connection? :)

    Doc Clu


    Hi Andy,
    About "Telnet Vs SSH" of Octobre 30:
    You fail to take into account the context...
    ...don't expect readers to divine it through psychic means! Also
    note that SSH and HTTPS are in no way tied to MS Windows.
    Oh! My crysal ball shows you're becoming somewhat apprehensive, as
    if your life would depend on it! Why must you keep making me look as if
    i made a statement or another and then steer topics in all directions?!?
    8-o
    Validation for an SSH or HTTPS session probably only lasts for the
    duration of that session. It is not a reasonable basis for anything
    that happens after that session has ended.
    I appreciate the expert way in which you illustrate it, it's just i
    don't try to make ~TelNet~ secure - only safer!... Anyway, i favour the prolonged support of this protocol, not a revision of it. The objection
    over UserNames/PassWords being sent legibly over ~TelNet~ was noted, you
    got my reply. Yet, the validation step can be done elsewhere via ~SSH~. That's it! I guess you got "combining" translated to the letter...
    I see no reason why i'd be unable to validate thru ~SSH~ and then
    call a BBS thru unsecure ~TelNet~ SoftWare...
    AB} I never said that you couldn't.
    I sense a trace of irritation while LEGACY BBSers are mentioned, my
    reading of your late post tells me you're getting frustrated because our little chat suffers from noise. I never wrote that you said i couldn't,
    and you didn't hear me say so - unless your mental powers were at work!?
    Tunnelling through an SSH connection is common practice.
    Use of the Web does not require MS Windows.
    Who wants to "Tunnel"? It's OKay if "~POP3~ before ~SMTP~" doesn't
    remind you of anything... Andy, i don't get paid to have correspondance
    on `FidoNet' and the intervention i addressed to mister Gordon was meant
    to mention a failure observed on a ~WEB~-based BBS system. I'll have to ignore the rest, i find futile to correct more assertions about what i'm supposed to think! My .QWK message-packets don't need to go thru ~SSH~. Salutations,
    Michel Samson
    a/s Bicephale
    ... I BBS using LEGACY DOS+TCP/IP+TelNet+ZMoDem/Kermit+.QWK technologies
    --- BBBS/NT v4.01 Flag-5
    # Origin: FamilyNet Sponsored by http://www.christian-wellness.net (8:8/2)
    * Origin: BBS Networks @ www.bbsnets.com 808-839-6036 (1:10/345)
  • From Greg Goodwin@1:10/345 to Michel Samson on Sun Oct 31 11:52:00 2004
    Well, interesting conversation.

    So exactly how insecure is a telnet connection? :)

    Doc Clu


    Hi Andy,
    About "Telnet Vs SSH" of Octobre 30:
    You fail to take into account the context...
    ...don't expect readers to divine it through psychic means! Also
    note that SSH and HTTPS are in no way tied to MS Windows.
    Oh! My crysal ball shows you're becoming somewhat apprehensive, as
    if your life would depend on it! Why must you keep making me look as if
    i made a statement or another and then steer topics in all directions?!?
    8-o
    Validation for an SSH or HTTPS session probably only lasts for the
    duration of that session. It is not a reasonable basis for anything
    that happens after that session has ended.
    I appreciate the expert way in which you illustrate it, it's just i
    don't try to make ~TelNet~ secure - only safer!... Anyway, i favour the prolonged support of this protocol, not a revision of it. The objection
    over UserNames/PassWords being sent legibly over ~TelNet~ was noted, you
    got my reply. Yet, the validation step can be done elsewhere via ~SSH~. That's it! I guess you got "combining" translated to the letter...
    I see no reason why i'd be unable to validate thru ~SSH~ and then
    call a BBS thru unsecure ~TelNet~ SoftWare...
    AB} I never said that you couldn't.
    I sense a trace of irritation while LEGACY BBSers are mentioned, my
    reading of your late post tells me you're getting frustrated because our little chat suffers from noise. I never wrote that you said i couldn't,
    and you didn't hear me say so - unless your mental powers were at work!?
    Tunnelling through an SSH connection is common practice.
    Use of the Web does not require MS Windows.
    Who wants to "Tunnel"? It's OKay if "~POP3~ before ~SMTP~" doesn't
    remind you of anything... Andy, i don't get paid to have correspondance
    on `FidoNet' and the intervention i addressed to mister Gordon was meant
    to mention a failure observed on a ~WEB~-based BBS system. I'll have to ignore the rest, i find futile to correct more assertions about what i'm supposed to think! My .QWK message-packets don't need to go thru ~SSH~. Salutations,
    Michel Samson
    a/s Bicephale
    ... I BBS using LEGACY DOS+TCP/IP+TelNet+ZMoDem/Kermit+.QWK technologies
    --- BBBS/NT v4.01 Flag-5
    # Origin: FamilyNet Sponsored by http://www.christian-wellness.net (8:8/2)
    * Origin: BBS Networks @ www.bbsnets.com 808-839-6036 (1:10/345)
  • From Greg Goodwin@1:10/345 to Michel Samson on Sun Oct 31 11:52:02 2004
    Well, interesting conversation.

    So exactly how insecure is a telnet connection? :)

    Doc Clu


    Hi Andy,
    About "Telnet Vs SSH" of Octobre 30:
    You fail to take into account the context...
    ...don't expect readers to divine it through psychic means! Also
    note that SSH and HTTPS are in no way tied to MS Windows.
    Oh! My crysal ball shows you're becoming somewhat apprehensive, as
    if your life would depend on it! Why must you keep making me look as if
    i made a statement or another and then steer topics in all directions?!?
    8-o
    Validation for an SSH or HTTPS session probably only lasts for the
    duration of that session. It is not a reasonable basis for anything
    that happens after that session has ended.
    I appreciate the expert way in which you illustrate it, it's just i
    don't try to make ~TelNet~ secure - only safer!... Anyway, i favour the prolonged support of this protocol, not a revision of it. The objection
    over UserNames/PassWords being sent legibly over ~TelNet~ was noted, you
    got my reply. Yet, the validation step can be done elsewhere via ~SSH~. That's it! I guess you got "combining" translated to the letter...
    I see no reason why i'd be unable to validate thru ~SSH~ and then
    call a BBS thru unsecure ~TelNet~ SoftWare...
    AB} I never said that you couldn't.
    I sense a trace of irritation while LEGACY BBSers are mentioned, my
    reading of your late post tells me you're getting frustrated because our little chat suffers from noise. I never wrote that you said i couldn't,
    and you didn't hear me say so - unless your mental powers were at work!?
    Tunnelling through an SSH connection is common practice.
    Use of the Web does not require MS Windows.
    Who wants to "Tunnel"? It's OKay if "~POP3~ before ~SMTP~" doesn't
    remind you of anything... Andy, i don't get paid to have correspondance
    on `FidoNet' and the intervention i addressed to mister Gordon was meant
    to mention a failure observed on a ~WEB~-based BBS system. I'll have to ignore the rest, i find futile to correct more assertions about what i'm supposed to think! My .QWK message-packets don't need to go thru ~SSH~. Salutations,
    Michel Samson
    a/s Bicephale
    ... I BBS using LEGACY DOS+TCP/IP+TelNet+ZMoDem/Kermit+.QWK technologies
    --- BBBS/NT v4.01 Flag-5
    # Origin: FamilyNet Sponsored by http://www.christian-wellness.net (8:8/2)
    * Origin: BBS Networks @ www.bbsnets.com 808-839-6036 (1:10/345)
  • From Stephen Hurd@1:140/17 to Greg Goodwin on Sun Oct 31 13:14:31 2004
    Re: Web access, false BBS ID
    By: Greg Goodwin to Michel Samson on Sun Oct 31 2004 11:51:54

    So exactly how insecure is a telnet connection? :)

    If someone manages to gain control of a system between you and the BBS, they WILL have your user ID and password as well as be able to record everything to do.
    --- SBBSecho 2.10-FreeBSD
    * Origin: FreeBSD Synchronet - telnet://FreeBSD.synchro.net (1:140/17)
  • From Robert Wolfe@1:3407/4 to Greg Goodwin on Sun Oct 31 22:48:30 2004
    On 10/31/2004 10:47 PM, GREG GOODWIN wrote to MICHEL SAMSON:

    Well, interesting conversation.

    So exactly how insecure is a telnet connection? :)

    Well, consider this ... I have been able to intercept keystrokes over a telnet connection a heck of a lot easier that I have been able to over an SSH connection to another site.
    --- Platinum Xpress/Win/Wildcat5! v2.0
    * Origin: Buffalo Online (1:3407/4)
  • From Robert Wolfe@1:3407/4 to Stephen Hurd on Sun Oct 31 22:49:18 2004
    On 10/31/2004 10:49 PM, STEPHEN HURD wrote to GREG GOODWIN:

    So exactly how insecure is a telnet connection? :)

    If someone manages to gain control of a system between you and the BBS, they WILL have your user ID and password as well as be able to record everything
    to
    do.

    Yeah, what he said :)
    --- Platinum Xpress/Win/Wildcat5! v2.0
    * Origin: Buffalo Online (1:3407/4)
  • From MICHEL SAMSON@1:10/345 to TODD BOYD on Mon Nov 1 10:58:00 2004
    Hi Todd,

    About "Web access, false BBS ID" of October 29:

    ...i remember being able to do it while i still had win98.
    ...ZModem is one of the worst protocols to use over telnet...
    ...why aren't you guys just using NTP to begin with?

    It's coming late but i thought that, if i were to reply, i'd answer
    i never heard of this `Nemesis Transfer Protocol'. When nerds were busy inventing `Kermit' (while i played with `Z-80' code, not BBSing), MoDems crawled beyond belief, no hobby justified the co$t of a 16-Bits PC and i focussed on things like the next album or event by Gary Numan, anyway...

    My age must be showing (at that time you weren't borned yet) but it
    turns out i discovered `Kermit' only after it evolved for over a decade;
    i intervein in related threads simply because it's what i can help with.

    %-)

    ...disapearance of local DialUp BBSes... ...transition to ~TelNet~
    was relatively easy. The real challenge was ~OLMR~ BBSing... And
    now... there's more to come: ~WEB~ access... ...and then ~SSH~...
    The transition to ssh from telnet is practically nothing.

    Yes, it's fairly easy if one has bought $hareWare like `Zap-O-Com'.

    The technologies are strikingly similar.

    Yes, that's what i've heard but ~RLogIn~ would be closer, it seems.

    I just look at ssh like a secure telnet session.

    I would as well if i happened to use `ZOC', which i don't since the
    whole `W32' OS itself is rarely running when i manage my correspondance.

    It has the same ansi graphics, etc...

    I went even further by suggesting it would be interactive enough to ~TelNet~ to an ~FTP~ server equiped with a .QWK command-set extension...

    Many protocols have ties with ~TelNet~, which is why i've been able
    to read/post ~NNTP~ articles using `MS-Kermit' as a terminal emulator, a
    few years ago; i wouldn't campaign against usage of ~SSH~ or ~HTTPS~, i
    just prefer to promote various ways to make the UpGrade Path smoother...

    Salutations, :)

    Michel Samson
    a/s Bicephale
    http://public.sogetel.net/bicephale/


    ... In 1981, with some effort, might we have got InterNet access on XTs?
    --- MultiMail/MS-DOS v0.45 - We could make TelNet OLMR BBSing UNIVERSAL!
    * Origin: BBS Networks @ www.bbsnets.com 808-839-6036 (1:10/345)
  • From MICHEL SAMSON@1:10/345 to STEPHEN HURD on Mon Nov 1 10:58:00 2004
    Hi Stephen,

    About "Web access, false BBS ID" of October 30:

    ...lived thru times when there were no other way to get `ZMoDem'/
    ~TelNet~, ~WEB~ access, ~SSH~ or ~HTTPS~ than to launch `Win 32'...
    ...hard for me to believe that no OS except for Win32 was capable...

    I observed problems with every single application i could find, the
    best was `IVT for DOS v11.3e' and it interfaced only with `PC/TCP' which
    was no free package; commercial SoftWare like `GLink' was too expensive
    just to be used for a hobby - and i won't even mention secure protocols!

    Authors/SysOps have no need to support old platforms...

    They don't. Though, i believe they'd be better fix things as basic
    as file transfers because when newbies hit their nose on the glass these
    guys can't be expected to display more perseverance than authors/SysOps!

    No need to explore an old hobby which authors/SysOps can't support.

    ...quite difficult to find new parts for Edsels. Why? Because they
    don't make, sell, or "support" them anymore.

    Then let the Edsels be forgotten and the BBSing hobby with it! The approach i suggest is different: make it work 1st, then make it popular
    next and lets not drop a few more BBSers each time there's a transition.

    Salutations, :)

    Michel Samson
    a/s Bicephale
    http://public.sogetel.net/bicephale/


    ... Hygrade: eat more since they're fresher, they're fresher because...
    --- MultiMail/MS-DOS v0.45 - Numbers make BBSing *UNIVERSAL*, not sugar!
    * Origin: BBS Networks @ www.bbsnets.com 808-839-6036 (1:10/345)
  • From MICHEL SAMSON@1:10/345 to ANDY BALL on Mon Nov 1 10:58:00 2004
    Hi Andy,

    About "Telnet Vs SSH" of October 31:

    Are there any web-access BBSs, other than EleWeb...
    ...the obvious lack of security is what i'd call a deterrent, in
    favour of plain old DialUp/~TelNet~ BBSing, i mean...
    How is this any more secure than an unencrypted HTTP connection?
    We're in perfect agreement over ~SSH~, not the removal of ~TelNet~.
    Sysops seem pretty thin on the ground these days...
    ...it's not tempting to leave such people too much ground...
    What telnet transition?
    ...total disapearance of local DialUp BBSes... The real challenge
    was ~OLMR~ BBSing... there's more to come...
    You make it sound as though... Validation for an SSH or HTTPS
    session probably only lasts for the duration of that session. It is
    not a reasonable basis... Tunnelling through an SSH connection is
    common practice. Use of the Web does not require MS Windows.
    ...i don't try to make ~TelNet~ secure - only safer!... Anyway, i
    favour the prolonged support of this protocol, not a revision of it.
    Yet, the validation step can be done elsewhere via ~SSH~. Who wants
    to "Tunnel"? ...the intervention i addressed to mister Gordon was
    meant to mention a failure observed on a ~WEB~-based BBS system.
    ...i find futile to correct more assertions about what i'm supposed
    to think! My .QWK message-packets don't need to go thru ~SSH~.
    What you are suggesting makes no sense. I may be misunderstanding
    you because your use of English does not convey the meaning...

    The nuance between "secure" and "safer" conveys enough meaning, too
    bad if you can't see the difference. There's no point in repeating that
    not all OSes have ~SSH~ applications supporting `ZMoDem' and/or `Kermit' simultaneously, or in argueing that UserNames/PassWords can be protected
    by using ~SSH~ but that granting ~TelNet~ access on the basis of an ~IP~ pattern is sufficiently safe (not secure) to transfer my message-packet.

    ...you can't back up your suggestions or answer...

    I see a difference between "can't" and "won't", more nuances you've
    failed to consider. I recognized how *UNPRODUCTIVE* this chat would be,
    from the start... This makes me regret that i didn't ignore you sooner!

    %-o

    You have proven that you belong back on my twit list in any case.

    Do me a favour, don't repeat your promisses again... Just proceed!

    Salutations,

    Michel Samson
    a/s Bicephale


    ... Exploring DOS+TCP/IP+TelNet+ZMoDem/Kermit+.QWK since mid-1996 or so.
    --- MultiMail/MS-DOS v0.45 - Making TelNet OLMR BBSing more *UNIVERSAL*!
    * Origin: BBS Networks @ www.bbsnets.com 808-839-6036 (1:10/345)
  • From MICHEL SAMSON@1:10/345 to GREG GOODWIN on Mon Nov 1 10:58:00 2004
    Hi Greg,

    About "Web access, false BBS ID" of October 31:

    ...interesting... So exactly how insecure is a telnet connection?
    If someone manages to gain control of a system between you and the
    BBS, they WILL have your user ID and password as well as be able to
    record everything you do.
    I have been able to intercept keystrokes over a telnet connection a
    heck of a lot easier that I have been able to over an SSH...

    I would have refered you to somebody else relatively to this topic,
    it's a relief when the right question is addressed to the right guru and
    vice versa... Security is relative, i don't suggest to revise ~TelNet~.

    Salutations,

    Michel Samson
    a/s Bicephale
    http://public.sogetel.net/bicephale/


    ... I BBS using LEGACY DOS+TCP/IP+TelNet+ZMoDem/Kermit+.QWK technologies
    --- MultiMail/MS-DOS v0.45 - Numbers make BBSing UNIVERSAL, not sugar...
    * Origin: BBS Networks @ www.bbsnets.com 808-839-6036 (1:10/345)
  • From Stephen Hurd@1:140/17 to MICHEL SAMSON on Mon Nov 1 12:14:30 2004
    Re: Web access, false BBS ID
    By: MICHEL SAMSON to TODD BOYD on Mon Nov 01 2004 10:58:00

    Many protocols have ties with ~TelNet~, which is why i've been able
    to read/post ~NNTP~ articles using `MS-Kermit' as a terminal emulator, a
    few years ago; i wouldn't campaign against usage of ~SSH~ or ~HTTPS~, i just prefer to promote various ways to make the UpGrade Path smoother...

    Actually, that's a common misperception. The Telnet protocol is completely different than anything else, luckily, most clients do what's called "passive negotiation" which means wait until the server does something telnetty before doing all the telnet stuff. So in general, nost plain text protocols can be accesed with a telnet connection as long as an ascii 255 never goes over the socket.
    --- SBBSecho 2.10-FreeBSD
    * Origin: FreeBSD Synchronet - telnet://FreeBSD.synchro.net (1:140/17)
  • From Stephen Hurd@1:140/17 to MICHEL SAMSON on Mon Nov 1 12:19:21 2004
    Re: Web access, false BBS ID
    By: MICHEL SAMSON to STEPHEN HURD on Mon Nov 01 2004 10:58:00

    ...quite difficult to find new parts for Edsels. Why? Because they don't make, sell, or "support" them anymore.

    Then let the Edsels be forgotten and the BBSing hobby with it! The approach i suggest is different: make it work 1st, then make it popular next and lets not drop a few more BBSers each time there's a transition.

    Unfortunately, requiring every authour to support every possible platform is not an option. It would require somewhere in the neibourhood of 10 times as much work. What is required is for the people who care about support for a specific platform to write the software they need. That's why we use standards... it makes it a lot easier for a DOS supporter to write an application that will handle a specific standard.

    Support for a platform has to come from users of that platform.
    --- SBBSecho 2.10-FreeBSD
    * Origin: FreeBSD Synchronet - telnet://FreeBSD.synchro.net (1:140/17)
  • From Stephen Hurd@1:140/17 to MICHEL SAMSON on Mon Nov 1 12:20:49 2004
    Re: Web access, false BBS ID
    By: MICHEL SAMSON to GREG GOODWIN on Mon Nov 01 2004 10:58:00

    I have been able to intercept keystrokes over a telnet connection a
    heck of a lot easier that I have been able to over an SSH...

    I would have refered you to somebody else relatively to this topic, it's a relief when the right question is addressed to the right guru and vice versa... Security is relative, i don't suggest to revise ~TelNet~.

    You don't need to, there are already encrypted telnet standards.
    --- SBBSecho 2.10-FreeBSD
    * Origin: FreeBSD Synchronet - telnet://FreeBSD.synchro.net (1:140/17)
  • From haliphax@1:2800/18 to Greg Goodwin on Mon Nov 1 13:50:00 2004
    Well, interesting conversation.
    So exactly how insecure is a telnet connection? :)

    wide open. it is unencrypted text being blatantly transmitted from one pc to the other.

    |07 --haliphax |15//|07rMRS
    |02 cotm.dyndns.org
    |07 vanguard mods
    --- Mystic BBS v1.07.3 (Win32)
    * Origin: constipation of the mind :: cotm.dyndns.org (1:2800/18)
  • From haliphax@1:2800/18 to Robert Wolfe on Mon Nov 1 13:55:00 2004
    So exactly how insecure is a telnet connection? :)
    Well, consider this ... I have been able to intercept keystrokes over a te connection a heck of a lot easier that I have been able to over an SSH connection to another site.

    shameless self-promotion will get you no friends in here. take it to the bbs ads base. ;) hahahaha...

    |07 --haliphax |15//|07rMRS
    |02 cotm.dyndns.org
    |07 vanguard mods
    --- Mystic BBS v1.07.3 (Win32)
    * Origin: constipation of the mind :: cotm.dyndns.org (1:2800/18)
  • From haliphax@1:2800/18 to MICHEL SAMSON on Mon Nov 1 14:03:00 2004
    in regards to ssh and telnet...

    The technologies are strikingly similar.
    Yes, that's what i've heard but ~RLogIn~ would be closer, it seems.

    but does rlogin inherently support blowfish and other 128+ bit encryptions
    like secure shell does?

    I would as well if i happened to use `ZOC', which i don't since the whole `W32' OS itself is rarely running when i manage my correspondance.

    leputty (available on sourceforge) and bterm (though it only has ssh1, and
    is thus very slow) are both programs i've had experience with as far as the
    two or three ssh-protected bbss i frequent are concerned.

    It has the same ansi graphics, etc...
    I went even further by suggesting it would be interactive enough to ~TelNet~ to an ~FTP~ server equiped with a .QWK command-set extension...

    why bother? why not just use the ftp server? or, if you're looking to serve your .qwk files over a telnet connection, just use most bulletin board softwares' built-in .qwk managing system. i know mystic and synchronet both have a system for offline mail (mystic's can be adapted to work with
    networks the way synchronet's does as opposed to .pak like i use), and synchronet already has a system in place to pass fidonet (and other ftn) through .qwk packets over either an ftp or telnet interface.

    few years ago; i wouldn't campaign against usage of ~SSH~ or ~HTTPS~, i just prefer to promote various ways to make the UpGrade Path smoother...

    like piling a bunch of crap on top of telnet and http?

    |07 --haliphax |15//|07rMRS
    |02 cotm.dyndns.org
    |07 vanguard mods
    --- Mystic BBS v1.07.3 (Win32)
    * Origin: constipation of the mind :: cotm.dyndns.org (1:2800/18)
  • From Stephen Hurd@1:140/17 to haliphax on Mon Nov 1 15:20:24 2004
    Re: Re: Web access, false BBS ID
    By: haliphax to MICHEL SAMSON on Mon Nov 01 2004 14:03:00

    The technologies are strikingly similar.
    Yes, that's what i've heard but ~RLogIn~ would be closer, it seems.

    but does rlogin inherently support blowfish and other 128+ bit encryptions like secure shell does?

    No, which is why SSH was developed. It's a secure replacement for rlogin/rsh/rcp/etc.
    --- SBBSecho 2.10-FreeBSD
    * Origin: FreeBSD Synchronet - telnet://FreeBSD.synchro.net (1:140/17)
  • From MICHEL SAMSON@1:10/345 to STEPHEN HURD on Tue Nov 2 02:57:00 2004
    Hi Stephen,

    About "Web access, false BBS ID" of November 1:

    Authors/SysOps have no need to support old platforms...
    ...make it work 1st, then make it popular next and lets not drop a
    few more BBSers each time there's a transition.
    Unfortunately, requiring every author to support every possible
    platform is not an option.

    And yet, in some cases, it IS an option: `Kermit' is available for
    any of the platforms one could reasonably consider for BBSing! Lets not disable the standards which already work, that's what i asked all along.

    It would require somewhere in the neibourhood of 10 times as much
    work. That's why we use standards... It makes it a lot easier...
    Support for a platform has to come from users of that platform.

    Then i suppose i'm lucky because i don't need to write any SoftWare
    for DOS, `Win v3.1x', `OS/2', `Win 9x', `Win 2K', etc., etc. You see, i already use Columbia's official `MS-Kermit' release which can do wonders
    under DOS or `Windows' (if combined with `COM/IP'); i could as well use
    Wayne Warthen's `Kermit for Win-16/32' on `SynchroNet' BBSes if the .INI
    i submitted to the author hadn't been rejected in favour of some lighter setup!!! Requiring of BBSers (and especially newbies) that they acquire knowledge which could make them become authors/SysOps themselves is just
    a way to set the bar so high they'll get busy for awhile. :( Feel free
    to believe otherwise but i just can't apply this logic as it won't help!

    I can't but comment that `MS-Kermit' & `WWKfW-16/32' are both 100 %
    free and they've been available (AND IGNORED) for years, while 3rd-party implementations damaged `Kermit's fine transfer protocol reputation. :(

    It's not the place of users to discover that the 3rd-party `Kermit' versions are improper for ~TelNet~ use, it's not a user's job to explain `Kermit' SysOp pre-conceptions... It's plain laziness when the suitable ~FOSSIL~ protocol driver has been ready for ~TelNet~ for a decade and it
    is a lack of foresight when SysOps argue with the very few users who try
    to have `Kermit' installed that they're "the only ones" to use it. Hey,
    if it had been used wisely in the mid-nineties no one would doubt of its capabilities today but which BBSer will persist when SysOps don't! It's
    not nice when a BBSer is forced to manage with BBS SoftWare and the work
    he's done so far is rejected even before he has tested it!... One BBSer
    has tried to conform to your principle - ME - and i can tell you this is
    a dead end: transfering SysOp duties to BBSers is like an escape to me.

    Of course, you should feel free to believe otherwise!!! :) As far
    as i'm concerned, each `ZMoDem' failure leaves one impression: ~TelNet~
    BBSes aren't reliable. Then, when it happens that ~WEB~-based BBSes too
    aren't reliable, a larger part of the hobby is suffering even further...

    BBSers are no masochists with too much spare-time to spend, really!

    Salutations, %->

    Michel Samson
    a/s Bicephale
    http://public.sogetel.net/bicephale/


    ... Rob's SBBS/Kermit: spend spare-time just to prove it was dead wrong
    --- MultiMail/DOS - http://public.sogetel.net/bicephale/MSK.INI waiting!
    * Origin: BBS Networks @ www.bbsnets.com 808-839-6036 (1:10/345)
  • From MICHEL SAMSON@1:10/345 to TODD BOYD on Tue Nov 2 02:57:00 2004
    Hi Todd,

    About "Web access, false BBS ID" of November 1:

    The technologies are strikingly similar.
    ...that's what i've heard but ~RLogIn~ would be closer...
    ...does rlogin inherently support blowfish and...

    Given what i wrote, previously, you're not addressing your question
    to the right person but i noticed Stephen Hurd is willing to discuss it.

    I just look at ssh like a secure telnet session.
    ...the whole `W32' OS itself is rarely running when i manage my correspondance...
    leputty... ...and bterm...

    I took note of this information when it was mentioned the 1st time.

    It has the same ansi graphics, etc...
    ...it would be interactive enough to ~TelNet~ to an ~FTP~ server...
    Why bother?

    This question already suggests the answer which suits you better...

    Why not just use the ftp server?

    It lacks significant .QWK door features like the interactive setup.

    ...just use most bulletin board softwares' built-in .qwk...

    There has been, there are and there will be BBSers for whom there's
    no satisfying .QWK solution yet. Systematic objectors will focuss their attention on me each time i bring `Kermit' on topic but ~FTP~ appears to
    be acceptable to both parties (those who'd need it and those who don't).

    ...mystic and synchronet both have a system for offline mail...

    In theory `ZMoDem' shouldn't have to be OS dependent but in reality
    i require an alternative. I've made contact with no `Mystic' SysOp just
    yet but i already tried to contribute to the addition of `Kermit' on the `SynchroNet' BBS systems; the author terminated our experience the same
    day i submitted my 1st draft: he didn't appreciate the file-names, etc.

    %-b,

    Right now, `ZMoDem' on `SBBS' is using `FDSZ' (a prototype) and the `Kermit' alternative, as installed, fails to address too many issues. I
    now try to get `Kermit' installed on a `TeleGard' system, hoping that it
    will be possible to make that draft progress thru a normal cycle of test
    and revision... Short of being a SysOp myself, i do my share by helping
    to fix a very old problem which no BBSer is responsible for, actually!!!

    ...promote various ways to make the UpGrade Path smoother...
    Like piling a bunch of crap on top of telnet and http?

    What you suggest has nothing to do with a smoother UpGrade Path. I
    don't favour modified (extended) ~TelNet~ protocols (and modified ~HTTP~ protocols even less), which is the right definition when features sit on
    top of a protocol... My previous posts opened no door to your assertion relative to protocol extensions and i don't find it less subjective than expressions such as "crap"! My separate ~SSH~ session scenario includes
    no obligation relatively to using the ~TelNet~ protocol neither, perhaps
    your correspondance will be more satisfying if you could just discuss it
    with the person who pretended to see those piles, in the 1st place. The
    parts about an extended ~FTP~ protocol involve a very different context:
    there were no mentions of a method to make it "secure", or even "safer";
    no leak there... As for the macro scenario, it doesn't compare with any
    of those from above because no interference with the ~TelNet~ channel is
    to be caused by scripts/macros - which is what ~TLS~ over ~TelNet~ does:
    yes, procedures like ~TLS~ "Take Over" ~TelNet~, if i'm not mistaking...

    %-o

    I didn't imply that making scripts/macros is for everyone, not even
    when a terminal emulator happens to be worth my time and it will support features like a "Command-Line" or the "Drop to DOS" option... Something _possible_ isn't necessarily mandatory. Hummm... Sounds like deja vu?!

    ~SSH~ is great if it retains the same functionality as ~TelNet~, my comments about ~IP~ patterns didn't apply to any BBSer who has access to
    fully compliant SoftWare. Is this too much nuance for a `FidoNet' echo?

    ~TelNet~, ~SSH~ and ~HTTPS~, etc. must stay as they are. No piling
    seems desirable to me since i already consider this situation to be very complicated as it is - for the BBSer, i mean. Authors/SysOps should try
    to solve problems THEY cause; `Opera' wasn't faulty when some stanger's
    name showed up in place of mine because i just dared try the ~WEB~-based interface i mentioned last month! The pile of "crap" is out there, IMO.

    Salutations,

    Michel Samson
    a/s Bicephale
    http://public.sogetel.net/bicephale/


    ... I might have sent it with DOS+TCP/IP+TelNet+Kermit+.QWK technologies
    --- MultiMail/MS-DOS v0.45 - Numbers making TelNet OLMR BBSing UNIVERSAL
    * Origin: BBS Networks @ www.bbsnets.com 808-839-6036 (1:10/345)
  • From haliphax@1:2800/18 to MICHEL SAMSON on Wed Nov 3 01:44:00 2004
    In theory `ZMoDem' shouldn't have to be OS dependent but in reality
    i require an alternative. I've made contact with no `Mystic' SysOp just yet but i already tried to contribute to the addition of `Kermit' on the `SynchroNet' BBS systems; the author terminated our experience the same day i submitted my 1st draft: he didn't appreciate the file-names, etc.

    zmodem is not at all o/s dependent. there are zmodem programs for any number
    of o/ses that i can think of offhand.

    as for mystic, no external protocols are available except for in the beta version, which leaves me pretty upset with my choice in bbs software. as for synchronet, i don't think you're lying, but i also don't think that digital
    man would be so closed minded about this situation.

    |07 --haliphax |15//|07rMRS
    |02 cotm.dyndns.org
    |07 vanguard mods
    --- Mystic BBS v1.07.3 (Win32)
    * Origin: constipation of the mind :: cotm.dyndns.org (1:2800/18)
  • From Sean Dennis@1:18/200 to Robert Wolfe on Mon Nov 1 13:51:12 2004
    Hello, Robert.

    On 31 Oct 04 at 22:48, Robert Wolfe wrote to Greg Goodwin:

    Well, consider this ... I have been able to intercept keystrokes over
    a telnet connection a heck of a lot easier that I have been able to
    over an SSH connection to another site.

    Packet sniffers are your friend.

    BTW, Scott Adams is trying to get hold of you for othernet purposes... just thought you should know.

    Later,
    Sean

    // hausmaus@darktech.org | http://midnightshour.org | AIM: eekahausmaus
    --- GoldED+/W32 1.1.5-21011
    * Origin: Stranded at the Outpost... (1:18/200)
  • From Sean Dennis@1:18/200 to Stephen Hurd on Tue Nov 2 17:44:58 2004
    Hello, Stephen.

    On 01 Nov 04 at 12:19, Stephen Hurd wrote to MICHEL SAMSON:

    Support for a platform has to come from users of that platform.

    PMFJI, but from what I've seen, it does. Windows people support Windows (and DOS to an extent), DOS users support DOS, OS/2 users support OS/2, Linux users support Linux (I'll toss BSD in there for present company ;).

    I don't directly support Linux in my BBS doors, but I will give my source code to someone who is willing to port it to Linux. I've no problems in that. So indirectly, I'm supporting Linux too.

    Later,
    Sean

    // hausmaus@darktech.org | http://midnightshour.org | AIM: eekahausmaus
    --- GoldED+/W32 1.1.5-21011
    * Origin: Stranded at the Outpost... (1:18/200)
  • From mark lewis@1:3634/12 to Michel Samson on Wed Nov 3 09:24:12 2004
    This was only meant as an alternative to accomodate BBSers who must
    connect using ~SSH~ then ~TelNet~ *SEPARATELY*, for some reason...

    What reason? Describe a scenario in which this makes sense.

    Lets start with the BBS system from where i'm posting
    right now. I got "69.75.117.170" when i fed `NSLookUp'
    with "BBSNets.COM" and then it led to two very distinct
    results when i used `TraceRt'... I have access to two
    different ~ISP~s at home so i made this test with both
    and here's what i found: my 128 Kbps ~DSL~ feed gives
    two consistent strings which show up as "bellnexia.net"
    and "inet.qwest.net" in the listing; with my DialUp
    account there were three of these, somehwere in the
    listing i got "sogetel.net", "vtl.net" and "level3.net".
    In both cases, it began with a Domain Name i could
    associate with the ~ISP~ i used to ~TelNet~ and it ended
    with what i believe to be the Domain Name of the ~ISP~
    which gives access the remote BBS system. Forget about
    the exact ~IP~s and focus on paterns which can be
    recognized time after time after time when the user
    connects to the ~TelNettable~ BBS via his ~ISP~.

    unreliable as rDNS (reverse dns) isn't required and is not set up by all isps or even set up properly by all isps... decent idea, though... now, IPv6 is a lot different and might fit something like this better...

    )\/(ark
    * Origin: (1:3634/12)
  • From Stephen Hurd@1:140/17 to Sean Dennis on Wed Nov 3 18:27:17 2004
    Re: Web access, false BBS ID
    By: Sean Dennis to Stephen Hurd on Tue Nov 02 2004 17:44:58

    Support for a platform has to come from users of that platform.

    PMFJI, but from what I've seen, it does. Windows people support Windows (an DOS to an extent), DOS users support DOS, OS/2 users support OS/2, Linux use support Linux (I'll toss BSD in there for present company ;).

    I don't directly support Linux in my BBS doors, but I will give my source co to someone who is willing to port it to Linux. I've no problems in that. S indirectly, I'm supporting Linux too.

    Exactly. However, he seems to want a free utility for DOS that does telnet, http, ssh, https, rlogin and who knows what else.

    Because the only free one he could find that handles telnet is Kermit, he then rips into myself and DigitalMan for not supporting it in Synchronet.

    Synchronet has NEVER had internal protocols.

    So, DM whips up support for kermit, adds it to the default install of Synchronet (of course, you need the kermit external protocol) and figures "Some good done for the community" then, it turns out that MS wants something else... he gets mad at DigitalMan for not spending hours configuring Kermit exactly in the manner MS wants it. Yes, it works, yes, it's part of the default install, but it's not the way MS wanted it. From there, MS gets mad at DM and I for moving to existing standards and not supporting him who is using outdataed non-standards on an unsupported OS.

    It's gone downhill from there.

    Mostly I reply just to give me something to do when I get bored.
    --- SBBSecho 2.10-FreeBSD
    * Origin: FreeBSD Synchronet - telnet://FreeBSD.synchro.net (1:140/17)
  • From Stephen Hurd@1:140/17 to mark lewis on Wed Nov 3 18:28:46 2004
    Re: Web access, false BBS ID
    By: mark lewis to Michel Samson on Wed Nov 03 2004 09:24:12

    unreliable as rDNS (reverse dns) isn't required and is not set up by all isp or even set up properly by all isps... decent idea, though... now, IPv6 is a lot different and might fit something like this better...

    I doubt he'll be able to get a good IPv6 stack for DOS.
    --- SBBSecho 2.10-FreeBSD
    * Origin: FreeBSD Synchronet - telnet://FreeBSD.synchro.net (1:140/17)
  • From Robert Wolfe@1:3407/4 to Sean Dennis on Thu Nov 4 14:45:44 2004
    On 11/4/2004 2:45 PM, SEAN DENNIS wrote to ROBERT WOLFE:

    BTW, Scott Adams is trying to get hold of you for othernet purposes... just thought you should know.

    EMail me at robert.wolfe@buffalo.sytes.net with his email address okay?
    --- Platinum Xpress/Win/Wildcat5! v2.0
    * Origin: Buffalo Online (1:3407/4)
  • From MICHEL SAMSON@1:379/1200 to TODD BOYD on Thu Nov 4 17:17:00 2004
    Hi Todd,

    About "Web access, false BBS ID" of November 3:

    ...mystic and synchronet both have a system for offline mail...
    In theory `ZMoDem' shouldn't have to be OS dependent...
    zmodem is not at all o/s dependent.

    Right. As i wrote, in theory it shouldn't have to be OS dependent.

    There are zmodem programs for any number of o/ses that i can think
    of offhand.

    I suggest you ask Nancy Backus why `TCPort01' was created, exactly!

    %-o

    Either you don't think hard enough or your hands are all thumbs?...

    I've made contact with no `Mystic' SysOp just yet...
    ...no external protocols are available except for in the beta...
    ...which leaves me pretty upset with my choice in bbs software.

    And i thought that file transfer was a most basic feature in BBSes!

    %-b,

    Apparently, there's no hurry before i begin to promote `Kermit' for
    a `Mystic' BBS system, euh... This explains that, which tells me why it happens that `COM/IP' has finally been discontinued (on October 14)! :(

    ...i already tried to contribute... ...the author terminated our experience the same day i submitted my 1st draft...
    ...i don't think you're lying, but i also don't think that digital
    man would be so closed minded about this situation.

    In describe a reality i observe, wars come later, preferably... It
    would make it worst to write that "closed minded" actually describes Rob Swindell's attitude accurately but, euh... what can you say of children
    who won't eat something they never even tasted?... Right now `WWKfW-16/
    32' hangs the session and then the BBSer must wait for a day because all
    his time was used while the hanged node remained idle! %-o I suggested
    he forgets name calling for a minute and should re-align his focuss: it
    seems the INTERFACING with `MS-Kermit' (as external driver) IS LOOSE and
    no Error-Trapping is even done to prevent False Message-Pointer UpDates!

    Salutations,

    Michel Samson
    a/s Bicephale
    http://public.sogetel.net/bicephale


    ... As *LEGACY* as it might sound `MS-Kermit' flew to the Space Station!
    -!- MultiMail/MS-DOS v0.45 - Only numbers could make BBSing UNIVERSAL...
    --- Mail-ennium/32 v2.0-beta-r1
    * Origin: Mail-ennium/32 v2 Beta Coming Soon! (1:379/1200.0)