hi ya bradley
On Fri, 27 Aug 2004, Bradley M Alexander wrote:
> On Fri, Aug 27, 2004 at 01:25:21PM -0700, Alvin Oga wrote:
...
> > i equate the "wireless" between to wirelss-pc to be the equivalent
> > of 2 wired=pcs..
> > - anybody ( in the world ) can sniff the copper wire
> > - anybody ( local in your area ) can sniff the air
> >
> > - which is worst ??
>
> Wireless is worse because in order to sniff the wire, you have to be
> physically connected. With wireless, I can sit in my car or one of your
> neighbor's houses and get the same information.
yes ... but ... there is only a limited number of people that can sit in
their car outside your house and they can scan/sniff a limited number
of ap and clients
at a colo ... you can sniff the copper of large sites with possibly
important data to the not-so-honest folks, and more importantly,
anybody in the world can sniff it ... esp with lots of not-so-secure
boxes at the colo's with everybodys home pc's vpn'ing into someone
elses supposed secure e-commerce sites at the big colo's
- to get into the colo is ez ... get a $10/month acct ...
and you're on the wire ... sniffing all you want ...
the good thing about sniffing wires ... there's tons of traces of the
intruder
the bad thing about sniffing the air ... you will never know somebody
in the car picked up all your packets ( like the company's 5yr business
plan )
> True, but remember that ssh uses a public key encryption scheme. A public
> key that is distributed to the four winds and a private key that is kept
> just taht -- private. The private key is owned/readable by root, so in
> order to get access to the private key, you have to have root access to the
> box, and at that point, the game is already over. There is a severe
> security breach that has already happened...And your ssh key is probably
> the least of your worries.
yes... but the problem is if they have root, which most exploiters will
try to get ... they have the ability to send the /etc/ssh keys to themself
to play man-in-the-middle or anything else they want
- and you might not know that they got in for a few minutes,
few hours, few days .. few weeks ..
( the more sensitive your data, the less time they should be in
( without being spotted
- i've seen cases, where i go visiting for the first time and
ask, "what is this connection" for ?? and they donno ...
( and tracking down that connection ocould be a sleeper in there
( for month or two ..
no wonder they are looking for help and since i donno what all
gets connected, that's what the "questions" is for ... question
everything without getting too annoying :-)
have fun
alvin
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
