Re: Debian Investigation Report after Server Compromises
On Wed, 03 Dec 2003 at 23:05 GMT, Monique Y. Herman penned:
> I have been wondering about the password-sniffing thing, too. If you
> send a password using ssh, isn't it encrypted?
> I suppose some debian developer's kid sister could have installed a
> keystroke logger on the dev machine ... um ...
> The "sniffing" part of this exploit has been left unexplained thus
> far. Maybe that's because the mechanism is obvious to the initiated
> ... but it's not obvious to me.
After reading a few more responses, I realize that of course a debian
developer's machine could get compromised. I guess I just thought they
were infallible *grin*
Now, the real question is, what exploit was used to get onto that dev's
machine in the first place?