Date:      Thu, 25 Mar 1999 19:37:46 -0500
From:      Garance A Drosihn <drosih@rpi.edu>
To:        James Wyatt <jwyatt@RWSystems.net>
Cc:        freebsd-security@FreeBSD.ORG
Subject:   Re: sudo (was Re: Kerberos vs SSH)
Message-ID:  <v04011703b3208652f8e8@[128.113.24.47]>
In-Reply-To: <Pine.BSF.4.05.9903251642150.23152-100000@kasie.rwsystems.net>
References:  <199903252044.MAA02527@apollo.backplane.com>

At 5:22 PM -0600 3/25/99, James Wyatt wrote:
> The thing I don't like about it is that it makes programs like
> linsniffer more effective. It looks at TCP startups of telnet,
> FTP, pop, etc... and very nicely captures their password.
> Capturing root passwords from users 'su'-ing requires a *lot*
> more advanced sniffer or cracker intervention.

No, it only requires that someone sit down and decide to do it.
Conceptually it isn't all that hard to look for "password" in
a telnet stream, and keep the packets seen before and after that.

The only protection for things like that is to use encryption
for the session (ssh or kerberos), or use switches that greatly
reduce the number of packets that can be seen from a given
(hacker's) computer.

---
Garance Alistair Drosehn           =   gad@eclipse.acs.rpi.edu
Senior Systems Programmer          or  drosih@rpi.edu
Rensselaer Polytechnic Institute

