Re: references to password sniffer incident

1999-04-11 Thread Bill Frantz
I know of three systems that have been attacked in the last month or so. One was attacked by social engineering the password out of a user. Another was attacked by installing NETBUS on a user's machine. The third was attacked by having the attacker subscribe himself to the mailing list used to

Re: references to password sniffer incident

1999-04-09 Thread Daniel J. Frasnelli
At the 2600-coordinated Beyond HOPE conference (NYC, 1997), it was made very clear to users that passwords transmitted in-the-clear would be Right, passwords always have been the weakest link. panel singled-out an unlucky telnet user, announcing a domain name and Not just telnet is

Re: references to password sniffer incident

1999-04-08 Thread Dominick LaTrappe
While on the topic of password-sniffing anecdotes from conferences -- At the 2600-coordinated Beyond HOPE conference (NYC, 1997), it was made very clear to users that passwords transmitted in-the-clear would be sniffed. To hammer home the point, one participant in the Tiger Teaming panel

RE: references to password sniffer incident

1999-03-26 Thread Brown, R Ken
Phil Karn wrote (amongst other things) The people who run today's MIS/IT departments are the direct descendants of those who ran big computer centers in the old days. No we're not their descendants - we are the same guys. Those "old days" aren't that long ago we haven't been put out to

Re: references to password sniffer incident

1999-03-25 Thread Jurgen Botz
I'm going to go off on a bit of a tangent here... this is really a security issue, not a crypto issue, but I think it's something that we'd all do well to think about. Derek Atkins wrote: sniffible, none of my passwords were. I happen to be one of the lucky few who has made it through the

Re: references to password sniffer incident

1999-03-25 Thread Steve Schear
At 08:35 AM 3/25/99 -0800, Jurgen Botz wrote: Yes, I could demand that all my remote users be running NT4.0SP4 with some additional security patches and have all their services turned off (or better still, Linux or *BSD configured by my network engineers), but how am I going to enforce this?

Re: references to password sniffer incident

1999-03-24 Thread Tom Perrine
On Tue, 23 Mar 1999 14:54:15 -0800 (PST), Phil Karn [EMAIL PROTECTED] said: Phil Actually, things are getting much better in the IETF terminal rooms. Phil SSH is now *very* widely used, with encrypted Telnet and IPSEC Phil trailing well behind. Phil Phil The same for every

Re: references to password sniffer incident

1999-03-24 Thread Phil Karn
...And of course nobody has compromised any of the ssh binaries on the workstations... Workstations? What workstations? Anybody serious about security brings their own laptops. And then they worry about them being tampered with by the hotel custodial staff. Laptops are also easier to lug into a

Re: references to password sniffer incident

1999-03-24 Thread Richard Guy Briggs
Actually, things are getting much better in the IETF terminal rooms. SSH is now *very* widely used, with encrypted Telnet and IPSEC trailing well behind. ...And of course nobody has compromised any of the ssh binaries on the workstations... Phil

RE: references to password sniffer incident

1999-03-24 Thread salzr
as one person who downloaded the source from his home site, and then compiled it on the local machine with a GCC binary which he had also brought from "home". So he trusted the libraries and headers on the local machine? That seems less secure than bringing statically-linked binaries on a floppy,

Re: references to password sniffer incident

1999-03-23 Thread William Allen Simpson
Catching up on email, I will point out that every major service provider is probably compromised to one degree or another as frequently as 3 times per year from terminal rooms. For example, in addition to Usenix meetings: IETF meetings, NANOG meetings, and every other computer meeting or show

Re: references to password sniffer incident

1999-03-23 Thread Phil Karn
Actually, things are getting much better in the IETF terminal rooms. SSH is now *very* widely used, with encrypted Telnet and IPSEC trailing well behind. Phil

Re: references to password sniffer incident

1999-03-09 Thread Greg Rose
Thanks for the good pointers that a number of people gave. The particular incident I remembered was the BARRnet one http://www.geek-girl.com/bugtraq/1993_4/0032.html (thanks Dan Riley). I had no idea there had been so many, so well hushed up! MILNET, JANET (4 independent incidents in the UK

references to password sniffer incident

1999-03-08 Thread Greg Rose
This is a little off topic, I know, but I'm writing a paper about the work we've done on an encrypting sendmail (I'll announce details as soon as it restabilises, but if anyone wants to see the old version it's at http://www.home.aone.net.au/qualcomm ). For part of this, I wanted to refer to

Re: references to password sniffer incident

1999-03-08 Thread Daniel S. Riley
Greg Rose [EMAIL PROTECTED] writes: I wanted to refer to the incident where someone mounted a password sniffer at a major network hub (MAE-West?) a couple of years ago. But I haven't turned up anything useful in a Web search. I didn't dream this incident, did I? Does anyone have any

Re: references to password sniffer incident

1999-03-08 Thread Phil Karn
I don't specifically know about MAE-West, but there are any number of attacks on ISPs that involved setting up password sniffers on major transit Ethernets. Phil