Date: Wed, 11 Dec 1996 07:50:20 -0800 From: Cy Schubert <cy@cwsys.cwent.com> To: Brian Tao <taob@io.org> Cc: Dev Chanchani <dev@trifecta.com>, FREEBSD-SECURITY-L <freebsd-security@FreeBSD.ORG> Subject: Re: URGENT: Packet sniffer found on my system Message-ID: <199612111550.HAA04031@cwsys.cwent.com> In-Reply-To: Your message of "Tue, 10 Dec 1996 21:05:53 EST." <Pine.BSF.3.95.961210204050.9494B-100000@nap.io.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Tue, 10 Dec 1996, Dev Chanchani wrote: > > Expire all the passwords and re-install all the system binaries and > > hopefully he will go away. > > All staff have been notified to cycle their passwords. What to do > with the user base is an entirely different matter... Don't be too sure that this will secure your passwords. I've seen /bin/login replaced to collect passwords and either store them or transmit them upon receipt. You'd better verify that login, su, ftpd, and anything else that processes passwords is intact. A couple of ways to avoid this is to use the "r" commands, but this can be a big security hole as well. Alternatively you could install Kerberos or ssh. You could distribute a set of kerberos binaries for windoze to your clients. All they would need to do is a kinit to get a 10 hour (for example) ticket. They could login to your system for 10 hours without reentering the password. This will only protect telnet since I haven't seen a free version of Kerberos for windoze that supported anything but telnet. If you want to compile Kerberos 5 Beta 7 on your system, I do have some patches to allow it to compile and run on FreeBSD. Regards, Phone: (604)387-8437 Cy Schubert OV/VM: BCSC02(CSCHUBER) Open Systems Support BITNET: CSCHUBER@BCSC02.BITNET ITSD Internet: cschuber@uumail.gov.bc.ca cschuber@bcsc02.gov.bc.ca "Quit spooling around, JES do it."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199612111550.HAA04031>