telnet security

[Peijen]

I already though of ssh tunnel, and I remember CMU has kerberos (which I need to look it up).

What are some options for secure telnet connection? Let's say I have to use telnet so ssh is out of question, and tunneling might be too much trouble for the user.

[quantus]

I don't see much difference between telnet w/ kerberos and ssh from a user's perspective in most cases. Tickets are kinda nice though since you can authenticate once and get multiple connections from it as well as acquire two tickets with different logins, but su is almost the same thing (I think you only maintain the rights of the user your su to, not the original user).

[Peijen]

Ok, maybe I was too vauge. This is for a mud server, I finally decided to get off my lazy ass and see if I can produce something based on our mmorpg discussion.

I only care about security during the initial authentication, but if the whole session is secure that's even better. Ssh and su doesn't work for obvious reason. this is more of excercise of good practice, I am not going to worry too much about it if there is no way around it.

[Jonathan]

SSL?

http://www.gammon.com.au/mushclient/stunnel.htm

[Peijen]

You know, I read that sometime over the weekend. I dont know why I forgot about it.

[Alan]

Hehe you're gonna run a mud?

Ah, I remember good times back when we were working for Informedia, playing a Novice on WoTMUD and getting people to give me all kinds of shit for free because they thought I was a girl.

And getting caught by Brian one time. So after that we discovered NT messaging for our Early Boss Warning System (TM).

Good times.

[Jonathan]

This is for a mud server, I finally decided to get off my lazy ass and see if I can produce something based on our mmorpg discussion.

What exactly do you intend to test using a MUD? Even if you're just prototyping, might it be a good idea to use some 2D Java MMORPG to test ideas, if not Nevrax?

[Jonathan]

While I was playing WoTmud I just had it on my screen as one of my xterms. I actually had conversations with coworkers about the colorization. "Wow, that's really colorized output!" "Uh, yeah. Output. Right."

[Peijen]

What exactly do you intend to test using a MUD? Even if you're just prototyping, might it be a good idea to use some 2D Java MMORPG to test ideas, if not Nevrax?

Game system mechanic. I don't want to deal with graphics, and in my mind a MUD allow me to test ideas and tweak numbers without messing with graphics. That and I want to refresh network programming and a telnet server is the easiest to implement.

I also refuse to use Java, although I am writting my server in C# so I shouldn't talk...

[Peijen]

Hehe you're gonna run a mud?

Not so much running a mud, but writting a mud server. I figure it will probably take about 4-5 months to have something testable if I didn't get lazy. I am mostly using tigermud as a blue prints.

... Informedia ...
Good times.

Good times indeed!

[Jonathan]

Unsolicited advice: code against the Mono-compatible subset of the .NET specification.

[Peijen]

Unsolicited advice: code against the Mono-compatible subset of the .NET specification.

yes, I do have that in mind. Although I am coding in .net 2.0, but Mono support should be available by the time I have anything worth while.

[Peijen]

I am going to call it CMUd as in CMU daemon. I know it's stupid but whatever. I am writting it down so I don't forget.

[George]

Hmm, I wouldn't be able to explain having a telnet open on my work PC that's on the internet. However, maybe I can put together a telnet client that looks like or lives inside Outlook or Excel. Then I can appear productive while playing.

George's PC: 20 points of damage. Enemy destroyed.

Coworker: Ah, it looks like your new spam filter it really effective.

[quantus]

Another Coworker: Wait, that doesn't look like any spam I've every seen... But, it does look strangely like... OH!!!! nevermind. George, can we talk later?

[George]

I never said the plan was foolproof.

Although, now that I think about it, you could probably do even better. A MUD really already has a natural division between the game itself and the display. Traditionally, you map console input to actions in the game whose results are mapped to fantasy text descriptions as output. However, you could instead map input and output in a more abstract way. Calendar appointments battle inbox messages by equiping tasks and casting journal entries.

Edit: Joking aside, you might want to code the core of your MUD to take advantage of that division. The game logic (rules, characters, battles, etc) really has almost nothing to do with whether the game is text, 2D, or 3D. So when you move from the MUD to the graphical interface, you'll only have to change some movement, clipping, and line of sight code and interact with a richer client through some non-text protocol.

[Peijen]

Another Coworker: Wait, that doesn't look like any spam I've every seen... But, it does look strangely like... OH!!!! nevermind. George, can we talk later?

During secret meeting ...

George: Now, I know the people who runs this 'email service' For $5 I can get you a 'anti-flame filter', and for $10 I can get you 'hide-from-boss special script'.

[George]

'hide-from-boss special script'.

Um, a more sublte name is probably better. "Productivity-enhancement application". Or "Cross-platform collaboration tool".

Actually, I think my company has some collaboration tools. I'd never tried any because I assumed they meant stuff like NetMeeting. Maybe the entire IT department is actually playing games and relying on people's apathy to cover it up.

[Jonathan]

Quick google search reveals an Excel implementation of Tetris. No multiplayer spreadsheet games, though. The opportunity is ripe!

[Jonathan]

http://www.thinkgeek.com/computing/input/76ed/

'hide-from-boss special script': the hardware solution.