
Re: gkrellm and security



On Thu, 02/01/2003 05:50 -0200, Bueno wrote:
> I thought about the following idea:
> to install gkrellm and xterm in all the servers (altogether with 15 to
> 20 packages from them) and to export the display of the servers, to a
> "server display" in the same net, and then to export the display of this
> "server display" through a tunneling ssh to a station here in the office...
In this setup, if an attacker gains access to one of your servers, he
will gain access to your local X display through the forwarded
connection and will be able to do things like keystroke monitoring.

Depending on your network layout he might also gain direct access to
your other servers through the unprotected exported displays. Or he
might wait until you log in to them and get your password from his
keystroke monitor.

Depending on your level of paranoia this may or may not be an acceptable
risk.

-- 
Tim van Erven <tve@vormig.net>
OpenPGP Key ID: 712CB811        Fingerprint: F6C9 61EE 242C C012 36D5
WWW: http://www.science.uva.nl/~talerven/    BBF8 6310 D557 712C B811
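
An added example, not part of the original message: one way to check which hosts would get a forwarded connection back to your local X display, the exposure described in the reply above. It resolves the effective `ForwardX11` and `ForwardX11Trusted` values (current OpenSSH client options, which the thread itself does not name) for a host from ssh_config text; the sample config, host names and function names are constructed for illustration.

```python
import fnmatch
import re

# Constructed sample ssh_config; host names are made up for this example.
SAMPLE_CONFIG = """\
Host monitor-gw
    ForwardX11 yes
    ForwardX11Trusted yes
Host db-*
    ForwardX11 = yes
Host backup
    ForwardX11 no
Host *
    ForwardX11 yes
"""

def host_matches(patterns, host):
    """Host line semantics: a positive pattern must match and no '!pattern' may match."""
    pats = patterns.split()
    if any(fnmatch.fnmatchcase(host, p[1:]) for p in pats if p.startswith("!")):
        return False
    return any(fnmatch.fnmatchcase(host, p) for p in pats if not p.startswith("!"))

def effective_options(config_text, host):
    """Walk the file in order; the first value obtained for a keyword wins."""
    opts, active = {}, True  # lines before the first Host apply to every host
    for raw in config_text.splitlines():
        m = re.match(r"\s*([A-Za-z0-9]+)(?:\s*=\s*|\s+)(.*?)\s*$", raw)
        if not m:  # blank line or comment
            continue
        key, value = m.group(1).lower(), m.group(2)
        if key == "host":
            active = host_matches(value, host)
        elif key == "match":
            active = False  # Match blocks are not evaluated here
        elif active:
            opts.setdefault(key, value.lower())
    return opts

def x11_exposure(config_text, host):
    """Classify how much of the local X display a login to `host` exposes."""
    opts = effective_options(config_text, host)
    if opts.get("forwardx11", "no") != "yes":
        return "none"
    # Assumes the upstream default ForwardX11Trusted=no; some distributions change it.
    if opts.get("forwardx11trusted", "no") == "yes":
        return "trusted"    # remote X clients get full access to the local display
    return "untrusted"      # remote clients are limited by the X SECURITY extension
```

On a real client, `ssh -G <host>` prints the options OpenSSH would actually use, including `Match` blocks and distribution defaults that this parser does not evaluate.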


