Re: Debian Investigation Report after Server Compromises
----- Original Message -----
From: "csj" <csj@zapo.net>
To: <debian-user@lists.debian.org>
Sent: Wednesday, December 03, 2003 22:40
Subject: Re: Debian Investigation Report after Server Compromises
> On 3. December 2003 at 5:52PM -0800,
> Vineet Kumar <vineet@doorstop.net> wrote:
>
> > * Monique Y. Herman (spam@bounceswoosh.org) [031203 16:59]:
> > > I have been wondering about the password-sniffing thing, too.
> > > If you send a password using ssh, isn't it encrypted?
> > >
> > > I suppose some debian developer's kid sister could have
> > > installed a keystroke logger on the dev machine ... um ...
> >
> > Almost there -- minus the assumption that one needs physical
> > access to a machine to install a keystroke logger. At the risk
> > of perpetuating the telephone game, I recall reading that the
> > developer's machine had been rooted. I didn't hear how, but I
> > don't really see how it matters. I picture an always-on
> > machine in someone's home on a DSL or cable line.
>
> Now I'm curious: is it possible to get rooted while on dialup?
> I'm thinking of a user with access to a slow but dirt cheap
> dialup connection and so is online for significant stretches,
> say, eight hours. This also assumes that no trojans or similar
> have been installed on the user's system.
>
FYI. As one who has caught several virisus. It can happen on dialup and it
has always happened to me while downloading virisus definitions from
Norton.com. I dont believe that norton was infectied. Therefore it came
from somewhere else.
Hoyt
Reply to: