Re: Debian Investigation Report after Server Compromises

To: "debian-user" <debian-user@lists.debian.org>
Subject: Re: Debian Investigation Report after Server Compromises
From: "Hoyt Bailey" <hoyt13@wiredok.com>
Date: Sat, 6 Dec 2003 06:06:26 -0600
Message-id: <[🔎] 00b801c3bbf1$79545bf0$245a22d0@blackgold>
References: <[🔎] bqqjsv$e9q$1@sea.gmane.org>

----- Original Message ----- 
From: "Hugo Vanwoerkom" <hvw59601@care2.com>
To: <debian-user@lists.debian.org>
Sent: Friday, December 05, 2003 12:47
Subject: Re: Debian Investigation Report after Server Compromises


> Hoyt Bailey wrote:
> > ----- Original Message ----- 
> > From: "csj" <csj@zapo.net>
> > To: <debian-user@lists.debian.org>
> > Sent: Wednesday, December 03, 2003 22:40
> > Subject: Re: Debian Investigation Report after Server Compromises
> >
> >
> >
> >>On 3. December 2003 at 5:52PM -0800,
> >>Vineet Kumar <vineet@doorstop.net> wrote:
> >>
> >>
> >>>* Monique Y. Herman (spam@bounceswoosh.org) [031203 16:59]:
> >>>
> >>>>I have been wondering about the password-sniffing thing, too.
> >>>>If you send a password using ssh, isn't it encrypted?
> >>>>
> >>>>I suppose some debian developer's kid sister could have
> >>>>installed a keystroke logger on the dev machine ... um ...
> >>>
> >>>Almost there -- minus the assumption that one needs physical
> >>>access to a machine to install a keystroke logger.  At the risk
> >>>of perpetuating the telephone game, I recall reading that the
> >>>developer's machine had been rooted.  I didn't hear how, but I
> >>>don't really see how it matters.  I picture an always-on
> >>>machine in someone's home on a DSL or cable line.
> >>
> >>Now I'm curious: is it possible to get rooted while on dialup?
> >>I'm thinking of a user with access to a slow but dirt cheap
> >>dialup connection and so is online for significant stretches,
> >>say, eight hours.  This also assumes that no trojans or similar
> >>have been installed on the user's system.
> >>
> >
> > FYI.  As one who has caught several virisus.  It can happen on dialup
and it
> > has always happened to me while downloading virisus definitions from
> > Norton.com.
>
> Virus definitions for Linux from norton.com?
>
>
> Hugo.
>
Of course not however I believe a virus is a virus which needs to be
modified to infect any OS.    The question was about dialup I think it
applys.
Hoyt

Reply to:

References:
- Re: Debian Investigation Report after Server Compromises
  - From: Hugo Vanwoerkom <hvw59601@care2.com>

Prev by Date: Re: stable release version 3.0r1
Next by Date: Re: Using aide for detection
Previous by thread: Re: Debian Investigation Report after Server Compromises
Next by thread: fast - Re: Debian Investigation Report after Server Compromises
Index(es):
- Date
- Thread