OT: Free OpenSource JAD/J2EE WAP SSH Client for Phones
Joshua Zeidner
jjzeidner at gmail.com
Tue Nov 25 14:55:06 MST 2008
SSH ensures security from IP to IP, not necessarily from Cell phone to
IP. So your 'endpoint' is the IP address on the cell providers systems.
The level of explicit security in this case is pretty low and would depend
on transport security inherit in the cell network protocol.
-jmz
On Tue, Nov 25, 2008 at 2:48 PM, Jon M. Hanson <jon at the-hansons-az.net>wrote:
> SSH is secured at your endpoint specifically because you don't trust the
> network. Even if someone was able to intercept the cellular data (which is
> encrypted as well, at least for GSM) they still wouldn't be able to decypher
> your SSH session.
>
> Sent from my iPhone
>
> On Nov 25, 2008, at 2:38 PM, "Joshua Zeidner" <jjzeidner at gmail.com> wrote:
>
>
> Lisa,
>
> I wonder if the data transport (over cell network) is secured... can a
> sophisticated cell phone eavesdropper snoop on my ssh session?
>
> -jmz
>
>
> On Tue, Nov 25, 2008 at 11:07 AM, Lisa Kachold < <lisakachold at obnosis.com>
> lisakachold at obnosis.com> wrote:
>
>> Check out midpssh - works on BlackBerry, and most PDA's - since it's
>> compiled for various ARM and other phone devices.
>>
>> <http://www.xk72.com/midpssh/>http://www.xk72.com/midpssh/
>>
>> Point your phone browser to install:
>>
>> <http://xk72.com/wap>http://xk72.com/wap
>>
> <http://xk72.com/wap>
>>
>> Security Disclaimer:
>> Remember to limit your server SSH access points (where possible) through
>> ACL [iptables] by IP [check your phone settings for IP address], use strong
>> passwords, and deploy daemon wrappers like SSHIT or SSHUTOUT [to protect
>> against brute force and dictionary attacks], enable strong logging and log
>> servers [so the logs can't be trivially edited] and alternately run on a
>> unique port (not 2222 [everyone uses 2222]) if you MUST leave SSH open to
>> PSTN/Internet gateways.
>>
>> <http://www.Obnosis.com>www.Obnosis.com |
>> <http://en.wiktionary.org/wiki/Citations:obnosis>
>> http://en.wiktionary.org/wiki/Citations:obnosis |
>> <http://www.urbandictionary.com/define.php?term=obnosis>
>> http://www.urbandictionary.com/define.php?term=obnosis (503)754-4452
>> ------------------------------
>> Catch the January PLUG HackFest! Kristy Westphal, CSO for the Arizona
>> Department of Economic Security will provide a one hour presentation on
>> forensics.
>>
>>
>>
>> ------------------------------
>> Get more done, have more fun, and stay more connected with Windows
>> Mobile(R). See how. <http://clk.atdmt.com/MRT/go/119642556/direct/01/>
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list - <PLUG-discuss at lists.plug.phoenix.az.us>
>> PLUG-discuss at lists.plug.phoenix.az.us
>> To subscribe, unsubscribe, or to change your mail settings:
>> <http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss>
>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - <PLUG-discuss at lists.plug.phoenix.az.us>
> PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20081125/802e8f57/attachment.htm
More information about the PLUG-discuss
mailing list