Data traveling across the local CS network should be secure (although
nothing can be
guaranteed). When sending information across wider networks,
security of data becomes more and
more of a problem.
If you use something like telnet, ftp, or non-SSL versions of IMAP and POP
to remotely login (all of which are disabled on local CS machines), your username and
password are sent across the wire in cleartext and may be compromised, allowing
someone else to access your account. Even if the data you are sending is
not private, you should still take steps to prevent possible password/account
compromises.
If you want to read your CS email remotely via IMAP or POP, you must
enable SSL support. Please see the
IMAP/POP FAQ Entry for information on how to access the CS mail server.
If you want to remotely login or transfer files from CS machines, you will
need to use SSH tools instead of ftp and telnet.
SSH, or Secure SHell, is an encrypted remote login and file transfer protocol. All
data sent from source to destination, including your login name
and password, are sent encrypted using a key that is created once
per machine or, alternatively, every login session. As a bonus,
it supports encrypted X forwarding so that you can run remote windows
in a fairly secure fashion. It's suggested that you use ssh for all
your remote login sessions, especially those where traffic goes across
the internet. See the
Knowledge Base document
on this subject for more information.
Several free and commercial ssh clients are available for just about every
major operating system. Please see
SSH Client FAQ Page for a listing of several
popular SSH clients.
