nanog mailing list archives

Re: 2511 line break

From: "Stephen J. Wilcox" <steve () telecomplete co uk>
Date: Mon, 26 Jul 2004 22:52:14 +0100 (BST)


On Mon, 26 Jul 2004, Randy Bush wrote:

whats the difference between telnet from a directly connected host and a
serial line?


if the 'directly connected host' is on multi-point medium, then it
is subject to sniff attacks


I realised that but you can 'sniff' a serial line if you physically tap it, 

you're saying you can setup a span port much easier as its software tho right? 
but that requires you to have compromised the switch and an attached server, 
that in itself should be throwing up some alarms - rancid, tripwire etc?

it would be easier to hack the host directly and install a keylogger, only one 
hack to do that way and you can grab any passwds from telnet or ssh sessions

Steve

Current thread:

Re: 2511 line break, (continued)
- Re: 2511 line break Stephen J. Wilcox (Jul 26)
- Re: 2511 line break Robert E. Seastrom (Jul 26)
  - Re: 2511 line break Randy Bush (Jul 26)
    - Re: 2511 line break Robert E. Seastrom (Jul 26)
    - Re: 2511 line break Valdis . Kletnieks (Jul 26)
    - Re: 2511 line break vijay gill (Jul 26)
    - Re: 2511 line break Randy Bush (Jul 26)
    - Re: 2511 line break Andy Dills (Jul 26)
    - Re: 2511 line break Stephen J. Wilcox (Jul 26)
    - Re: 2511 line break Randy Bush (Jul 26)
    - Re: 2511 line break Stephen J. Wilcox (Jul 26)
    - Re: 2511 line break Randy Bush (Jul 26)
    - Re: 2511 line break Laurence F. Sheldon, Jr. (Jul 26)
- RE: 2511 line break Michel Py (Jul 26)
- Re: 2511 line break Dickson, Brian (Jul 26)
- RE: 2511 line break Michel Py (Jul 26)
- Re: 2511 line break Robert Bonomi (Jul 26)
  - Re: 2511 line break Ingo Flaschberger (Jul 26)
    - Re: 2511 line break Joe Abley (Jul 26)
    - Re: 2511 line break Randy Bush (Jul 26)
    - Re: 2511 line break Ricardo "Rick" Gonzalez (Jul 26)

(Thread continues...)