Date: Tue, 10 Dec 1996 02:02:15 -0500 (EST) From: Brian Tao <taob@io.org> To: John-Mark Gurney <gurney_j@resnet.uoregon.edu> Cc: FREEBSD-SECURITY-L <freebsd-security@freebsd.org> Subject: Re: URGENT: Packet sniffer found on my system Message-ID: <Pine.BSF.3.95.961210015814.1328G-100000@nap.io.org> In-Reply-To: <Pine.NEB.3.95.961209221551.275E-100000@nike>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 9 Dec 1996, John-Mark Gurney wrote:
>
> why not just have their passwords expire? then they have to change them
> :) hope it all works out... ttyl..
The attacker can just as easily change the password to the
account. This is an ISP, where there are thousands of user accounts.
Some people don't login for days or weeks at a time, and won't see any
announcements in their mailbox or in a newsgroup or on a login motd.
I could just lock out all the accounts listed in the sniffer logs, but
I'm not sure if our tech support staff would appreciate all the calls
that would generate. That may be the most effective approach though.
--
Brian Tao (BT300, taob@io.org, taob@ican.net)
Senior Systems and Network Administrator, Internet Canada Corp.
"Though this be madness, yet there is method in't"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95.961210015814.1328G-100000>