Defending Network Switches
Secure Shell Protocol - SSH

Secure Shell (SSH) is a program used to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another. It provides strong authentication and secure communications over insecure channels. It is a replacement for rlogin, rsh, rcp, and rdist as well as Telnet and FTP.

SSH protects a network from attacks such as IP spoofing, IP source routing, and DNS spoofing. An attacker who has managed to take over a network can only force SSH to disconnect. The attacker cannot play back the traffic or hijack the connection when encryption is enabled.

When using the SSH login (instead of Telnet), the entire login session, including transmission of password, is encrypted; therefore it is almost impossible for an outsider to collect passwords.

CAUTION:

SSH version 1 implementations are vulnerable to various security compromises. Whenever possible, use SSH version 2 instead of SSH version 1.