Re: hacked?

To: debian-user@lists.debian.org
Subject: Re: hacked?
From: debian-user.lists.debian.org@marc-haber.de (Marc Haber)
Date: Sun, 30 Apr 2000 09:30:05 GMT
Message-id: <[🔎] E12lq4b-0003aV-00@q.bofh.de>
In-reply-to: <[🔎] Pine.LNX.4.10.10004270856150.11074-100000@spider.noah>
References: <[🔎] Pine.LNX.4.10.10004270856150.11074-100000@spider.noah>

On Thu, 27 Apr 2000 09:02:05 -0400 (EDT), you wrote:
>On the other hand, I do not feel as strongly as other posters that telnet
>needs to be disabled in order to have a secure machine.  Strong passwords
>will work just as well.  I have an account on a large Solaris network
>where telnet has been open for ages, and will continue to be.  The passwd
>program in *incredibly* anal about ensuring that all passwords are
>complex.  To my knowledge there has never been a significant security
>breach on this network.

You have been lucky. Even secure passwords can be sniffed, and telnet
sessions already established can be hijacked. That way, the attacker
doesn't even have to wait for your password to fly around.

Greetings
Marc

-- 
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber          |   " Questions are the         | Mailadresse im Header
Karlsruhe, Germany  |     Beginning of Wisdom "     | Fon: *49 721 966 32 15
Nordisch by Nature  | Lt. Worf, TNG "Rightful Heir" | Fax: *49 721 966 31 29

Reply to:

Follow-Ups:
- RE: hacked?
  - From: "Chris Mason" <chris@net.ai>

References:
- Re: hacked?
  - From: "Noah L. Meyerhans" <frodo@morgul.net>

Prev by Date: Re: Mounting SCSI CD-ROM during Install
Next by Date: Re: how to burn from iso file in xcdroast
Previous by thread: Re: hacked? - ftp
Next by thread: RE: hacked?
Index(es):
- Date
- Thread