hi ya

i donno for sure.... but i would suspect getting into an NT or windows
box and sniffing from there would be easier than getting into a patched
linux box .... and having somebody sniff passwd

remember all those windows boxes are basically "root" anyway
( okay...administrator ) and those users can install those
sniffers too as can those from the outside...

if the outside world can come into local PC machines...they've got
a major firewall issue...

    =====================
    ==
    == if they are running stuff that has cleartext passwds...
    == they cannot use the argument that they are security conscious...
    ==
    =====================

    - if they claim security is an issue... even if they're running
      cleartext passwd ( ftp, pop, telnet ... ) then i'd be heading
      out the door at that point...

    - that insecure stuff should be on an insecure network...
      sniff it all they like... give um root on a linux box...
      but no other damage will occur to the rest of the LAN

    ===
    === windoze boxes and linux boxes must be "hardened"...
    === if not...both are equally susceptible to any kind of additional
    === attacks locally or to the outside Bank-of-Arctic-Circle NTSA
    ===

c ya
alvin

On Wed, 11 Jul 2001, Jason Healy wrote:

> At 994884618s since epoch (07/11/01 15:50:18 -0400 UTC), Brian Stults wrote:
> > and 2) they want to know that I am conscious of security issues.  If
> > anyone has any suggestions for the kinds of things to stress, I would be
> > happy to hear them.
>
> Our IT department was wary (though not afraid) of linux users, because
> once you've rooted a linux box, password sniffing is only a short
> distance away.  However, with all those fun windoze tools out there,
> taking over windows machines is just as easy, and just as devastating
> for the network.
>
> Emphasize that you're probably safer running linux than windows.  You
> won't be using Outlook (a major plus <g>), and you actually know how
> to secure a linux machine.  You won't be running a public webserver,
> etc, etc.  Offer to let them try to hack your box... =)
>
> > Here is one concern of theirs, though, that I don't understand.
> > They said one problem with linux is that it will trick their network
> > into thinking that my linux box is the main server, thus bringing
> > down a system of over 2000 users.
>
> They might be referring to using Samba and setting it up as a domain
> master.  This is stupid, because a) it doesn't come configured that
> way, and b) any organization worth its salt will run a backup domain
> controller to ensure that nobody can hijack control of the domain (for
> a while, all Win 95 boxes were factory set to try to elect themselves
> as the browse master for a domain, so they should have solved this
> problem anyway).
>
> They might also be referring to other misconfigurations... since linux
> lets you tweak so much, it is possible to make dumb mistakes (I once
> advertised myself as the shortest path to all appletalk devices.  You
> can imagine the warm reception I got from IT on that one when all the
> printers fell into a Black Hole of Routing.)
>
> While linux makes this stuff possible, it doesn't mean that you're
> automatically going to do it.  Also, it is possible to do some of this
> stuff even if you have windows, so it's not really fair to assume that
> you'll do anything wrong (is this 'OS profiling'?).  If they're
> assuming that you're malicious, then that's their problem; if you
> really want to screw the network you can do it hundreds of ways
> without needing linux.
>
> Just talk to them and try to show that you have a clue (but aren't
> pompous), and if they have any sense they'll warm up to you.  My
> college's IT department was cold and unfriendly, until you get to know
> them.  After some friendly chats, they'll let you do whatever you want.
>
> Jason
> --
> Jason Healy    |    [EMAIL PROTECTED]
> LogN Systems   |    http://www.logn.net/