Date: Mon, 28 May 2001 09:41:35 +0100 From: Mike Meredith <hmv@meredithm.fsnet.co.uk> To: questions@FreeBSD.ORG Subject: Re: security question Message-ID: <0105280941350A.00298@warlock.hmv.net> In-Reply-To: <bulk.95613.20010527183351@hub.freebsd.org> References: <bulk.95613.20010527183351@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> Basically, I set up three temporary machines (or set up a temp login > on one machine) We assume that I've cracked machine "A" and you then > log in to machine "B" via telnet from machine "C". I then show you > that I've sniffed your password and can now log into machine "B". To > increase the shock value, I can have you su to root via telnet, which > then gives me root access to machine "B". > (p.s. don't try this particular demo if you're running a switch > because it won't work.) I might be repeating the obvious here, but a switched environment doesn't protect totally against sniffing. It just makes it slightly more difficult. Look for a utility called 'dsniff', and there are other tools to do the same job. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0105280941350A.00298>