[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Packet sniffing & regular users

Incoming from David Mandelberg:
> s. keeling wrote:
> > "... should be" != "are."  Are you sure no-one there's using telnet,
> > ftp, & etc?
>                                                                 Allowing network
> sniffing is just another good incentive not to send confidential data unencrypted.

Isn't it generally accepted that black hats who get local access (ie.,
a user login account) is _much_ worse than black hats who've been kept
out?  Assuming black hat wants root, taking over a user's account is a
very big first step.

I would take the security of your user's accounts much more seriously
if I were you.  If your users are leaving the door open, sooner or
later someone much worse than the paper boy is going to come stumbling
in. 


-- 
Any technology distinguishable from magic is insufficiently advanced.
(*)    http://www.spots.ab.ca/~keeling      Please don't Cc: me.
- -
Reply to: