Fred <[EMAIL PROTECTED]> writes: > I am suspicious that they are somehow breaking in through ssh --
http://www.nytimes.com/2005/05/10/technology/10cisco.html Internet Attack Called Broad and Long Lasting by Investigators By JOHN MARKOFF and LOWELL BERGMAN Published: May 10, 2005 [....] The crucial element in the password thefts that provided access at Cisco and elsewhere was the intruder's use of a corrupted version of a standard software program, SSH. The program is used in many computer research centers for a variety of tasks, ranging from administration of remote computers to data transfer over the Internet. [...] Comment: I designed and implemented a network protocol in one of my past jobs. I found it useful to provide my SQA folks with a bastardized version of the protocol stack, one that allowed them to basically do everything possible to try to deceive/overrun a valid protocol endpoint. I slept well at night knowing that the SQA staff had the tools to try to crash/overrun a protocol endpoint, but they never could find a way to do it. Developing tools to test your own code is a part of doing a job. --kevin -- GnuPG ID: B280F24E And the madness of the crowd alumni.unh.edu!kdc Is an epileptic fit -- Tom Waits _______________________________________________ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
