nanog mailing list archives
Re: Rootshell pages hacked
From: "John P. Reddy" <jreddy () lightning net>
Date: Mon, 02 Nov 1998 10:10:21 -0500
At 09:51 AM 11/2/98 -0500, Adam Rothschild wrote:
On Mon, 2 Nov 1998, Alex P. Rudnev wrote:problem, UNIX one-time passwords are real problem. Another bad problem is _the same UNIX password for all purposes_ - I can sniff your FTP password and use it for SSH access (for example).Very true. Then again, FTP'ing in cleartext is kinda stupid in and of itself. Why not just FTP thru an SSH tunnel? Or, if you're up for an adventure (and a not-totally-complete(TM) spec), try the secure file xfer stuff in SSH2...
Or, for the unix-inclined, scp works rather well under SSH 1.2.x -- My public PGP key may be found at http://www.lightning.net/~jreddy John Patrick Reddy Sr. System Administrator Lightning Internet Services, LLC. Tel.(516)248-8400x123 327 Sagamore Ave Pag.(888)935-2700 Mineola, NY 11501 Fax.(516)248-8897
Current thread:
- Re: Rootshell pages hacked Adam D. McKenna (Nov 01)
- Re: Rootshell pages hacked Paul Vixie (Nov 01)
- Re: Rootshell pages hacked Henry Linneweh (Nov 01)
- <Possible follow-ups>
- Re: Rootshell pages hacked Alex P. Rudnev (Nov 02)
- Re: Rootshell pages hacked Adam Rothschild (Nov 02)
- Re: Rootshell pages hacked John P. Reddy (Nov 02)
- Re: Rootshell pages hacked Mikael Abrahamsson (Nov 02)
- Re: Rootshell pages hacked Adam Rothschild (Nov 02)
- Re: Rootshell pages hacked Paul Vixie (Nov 01)
- Re: Rootshell pages hacked John Hawkinson (Nov 02)
- Re: Rootshell pages hacked Adam D. McKenna (Nov 02)
- Re: Rootshell pages hacked themonk (Nov 02)
- Re: Rootshell pages hacked Ryan Pavely (Nov 02)
- Re: Rootshell pages hacked alex (Nov 02)
- Re: Rootshell pages hacked Alex P. Rudnev (Nov 05)
- Re: Rootshell pages hacked Michael Freeman (Nov 05)
- old s/key patch for SSH (was Re: Rootshell pages hacked) John Hensley (Nov 05)
- Re: Rootshell pages hacked Alex P. Rudnev (Nov 05)
- Re: Rootshell pages hacked Michael Freeman (Nov 05)