Re: Debian Investigation Report after Server Compromises
Hoyt Bailey wrote:
----- Original Message -----
From: "csj" <firstname.lastname@example.org>
Sent: Wednesday, December 03, 2003 22:40
Subject: Re: Debian Investigation Report after Server Compromises
On 3. December 2003 at 5:52PM -0800,
Vineet Kumar <email@example.com> wrote:
* Monique Y. Herman (firstname.lastname@example.org) [031203 16:59]:
I have been wondering about the password-sniffing thing, too.
If you send a password using ssh, isn't it encrypted?
I suppose some debian developer's kid sister could have
installed a keystroke logger on the dev machine ... um ...
Almost there -- minus the assumption that one needs physical
access to a machine to install a keystroke logger. At the risk
of perpetuating the telephone game, I recall reading that the
developer's machine had been rooted. I didn't hear how, but I
don't really see how it matters. I picture an always-on
machine in someone's home on a DSL or cable line.
Now I'm curious: is it possible to get rooted while on dialup?
I'm thinking of a user with access to a slow but dirt cheap
dialup connection and so is online for significant stretches,
say, eight hours. This also assumes that no trojans or similar
have been installed on the user's system.
FYI. As one who has caught several virisus. It can happen on dialup and it
has always happened to me while downloading virisus definitions from
Virus definitions for Linux from norton.com?
I dont believe that norton was infectied. Therefore it came
from somewhere else.