Hal Pomeranz wrote: > The only thing that worries me about the write up is the fact that a > "sniffed password" was used to break into several machines. I have to > ask why they're not using SSH for all communications to/from these > boxes and why they're not using something better than re-usable passwords > for access control. It's not clear that these "vulnerabilities" that > led to the original compromise have been closed, although the kernel > bug that allowed the "break root" apparently has been.
I believe they are using ssh, and the password was sniffed by a keystroke sniffer on a developer's machine. As for something better than reusable passwords, what would you recommend? Most developers never get within a thousand miles of the servers, so anything that requires physical access is out. There is no budget, so smart card and biometric based systems are out. Public key systems don't help -- if an attacker can install a keyboard sniffer, he can copy a private key. Could S/KEY be used here? How would the keys be distributed securely? If there's a good solution available here, I'm too dumb to see it. -- Bob Miller K<bob> kbobsoft software consulting http://kbobsoft.com [EMAIL PROTECTED] _______________________________________________ EuG-LUG mailing list [EMAIL PROTECTED] http://mailman.efn.org/cgi-bin/listinfo/eug-lug
