On 2005-01-16T09:46:28-0500, R.A. Hettinga wrote: > On Sun, 16 Jan 2005 [EMAIL PROTECTED] wrote: > > On Sun, 16 Jan 2005 01:32:46 EST, Henry Yen said: > > > > > > . panix.net usable as panix.com (marcotte) Sat Jan 15 10:44:57 2005 > > > > So let's see.. the users will see this when they log into shell.panix.net > > (since shell.panix.com is borked). Somehow that doesn't seem to help much. > > and the hijackers could be, potentially, running a box pretending to be > shell.panix.com, gathering userids and passwds :(
Object lesson in why using replayable passwords is not a good idea. Allah invented nonce-based password hashes and public key crypto for a reason. -- "War is the father and king of all, and some he shows as gods, others as men; some he makes slaves, others free." -Heraclitus Kahn.83/D-K.53