Is there a point to ssh remote login?

Snyper M

Registered
Not that i'm jealous or anything but the XP kids down the hall have been remotely loggin into their computer form accross the campus fomr any windows box, even when it's not runnin XP there.

Now I know we can ssh in to our computers, but ...waht's the point? How/Can I actually run anything useful? do anything worth doing? I mena they see their exact desktop, their entire computer. Now I know timbuktu can do this but I can't go installign this on school computers, hell finding computers with ssh on them is hard enough.

What's so useful about remote login?! Please enlighten me.
 

jimr

McInstigator
so, you can disable ssh and use standard telnet and standard ftp

you could also install X windows and use an X client or vnc. even from windows. this can work through ssh

right now, your passwords are fairly well protected.

certainly someone might (in the university environment ....especially) set some local machine to promiscuous ethernet mode and collect all of the plain text passwords that are floating about.

is windows still using RC4? I heard they take about 10 seconds to crack...

when your buddies wake up some day and find their machines "operating themselves" they will blame you because you are the only one on the floor with data intact. So go ahead, undo your security settings so you won't feel left out when everyone else loses all their homework.
 

Dak RIT

Missing Intelligence
It's really easy to tell which computers on a university network are running Windows XP... for some fun I went around port scanning random IPs today (and some not so random) with nmap. People aren't joking when they say Windows XP is a security hole (no, I don't mean Windows XP has a security hole, I mean it *is* a security hole).

A friend installed Windows XP out of the box on his computer and I port scanned him...

Starting nmap V. 2.53 by fyodor@insecure.org ( www.insecure.org/nmap/ )
Interesting ports on xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx):
(The 1514 ports scanned but not shown below are in state: closed)
Port State Service
21/tcp open ftp
80/tcp open http
135/tcp open loc-srv
139/tcp open netbios-ssn
443/tcp open https
445/tcp open microsoft-ds
1025/tcp open listen
1032/tcp open iad3
5000/tcp open fics

Nmap run completed -- 1 IP address (1 host up) scanned in 1 second

Compare that to the port scan on my computer or on most other MacOS X computers:
Starting nmap V. 2.53 by fyodor@insecure.org ( www.insecure.org/nmap/ )
All 1523 scanned ports on xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx) are: closed
Nmap run completed -- 1 IP address (1 host up) scanned in 1 second

Yeah... we were laughing for a while. We were able to successfully compromise the security of quite a few of the open ports (we tried the ftp, http, and netbios ports... all successfully) using common exploits which compiled without problems on OS X.

You can actually do anything you could on the desktop from the command line (and a lot more)... although that requires a knowledge of UNIX. If you don't know UNIX, there's basically no advantage to being able to ssh in. I personally use it quite a bit... we have Solaris machines in all our labs so I can also set it up as an X host.

Cheers,
Dak
 

scruffy

Notorious Olive Counter
File transfer over ssh is possible, and a lot more secure than plain old ftp, etc. scp and sftp are two applications for file transfers that use ssh as their actual communication layer, so they are a lot more secure than eg. ftp. scp acts basically like rcp, while sftp acts basically like ftp (command line version, that is).

I don't know about Windows versions of sftp, but I know you can get a free scp client for Windows, called PuttySCP or something similar.

From Unix, you can:

scp some/file/here me@my.computer:some/file/there

to copy the file from the computer you're at out to your computer, or

scp me@my.computer:some/file/there some/file/here

to copy the remote file to the computer you're sitting at now.

sftp uses an interactive interface, similar to terminal-based ftp. It takes a little bit of learning, but allows you to look around for a file, change folders, look around some more. Also, you only have to type your password once for a whole session of file transfers, so it's a little less bother that way.
 
Top