Re: Packet sniffing & regular users
Incoming from David Mandelberg:
> s. keeling wrote:
> > "... should be" != "are." Are you sure no-one there's using telnet,
> > ftp, & etc?
> Allowing network
> sniffing is just another good incentive not to send confidential data unencrypted.
Isn't it generally accepted that black hats who get local access (ie.,
a user login account) is _much_ worse than black hats who've been kept
out? Assuming black hat wants root, taking over a user's account is a
very big first step.
I would take the security of your user's accounts much more seriously
if I were you. If your users are leaving the door open, sooner or
later someone much worse than the paper boy is going to come stumbling
in.
--
Any technology distinguishable from magic is insufficiently advanced.
(*) http://www.spots.ab.ca/~keeling Please don't Cc: me.
- -
Reply to: