Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Possible Trojan.

From: "John T. Hoffoss" <hoff0438 () umn edu>
Date: Tue, 28 Oct 2003 15:37:56 -0600
On Tue, Oct 28, 2003 at 11:46:30AM -0000, H Carvey wrote:

In-Reply-To: <20031027194238.14184.qmail () sf-www1-symnsj securityfocus com>
<snip>
Did he happen to mention what it is that makes him think this?  I ask, simply b/c I do some helpdesk work during my 
day-to-day activities and very often get really intelligent users who make certain assumptions that, well, are a 
little off base.
<snip> 
Finally, go ask your buddy what makes him think that his AOL password is being stolen when he logs on...


Perhaps he's storing the password on both machines, changed it, and didn't 
change it on the other client? If I remember correctly, when you email to 
retrieve a forgotten password, AOL resets it and mails it. If someone 
bothered to crack the password, they'd probably have gone and changed the 
email address too. But if not, the password would (should) be recoverable, 
which I assume it has been, since this has heppened to him repeatedly.

---------------------------------------------------------------------------
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services security to 
simplify the management and deployment of PGP and reduce overall PGP costs 
by up to 80%.
FREE WHITEPAPER & 30 Day Trial - 
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: