Bugtraq mailing list archives
Re: identd hole?
From: rquinn () sprint net (Rob Quinn)
Date: Tue, 16 Jul 1996 07:35:49 -0400
Lately I've heard rumours about this 'identd' hole in RFC1413
It's been a while since I looked at it, but won't identd actually tell you about any connection on the machine and who owns it? Maybe he's using that in some way to follow you around and find out what machines you are connecting to.
Then today I had someone claim they had the root password on my machine at home. So I telnetted in, changed it
Are you sure he doesn't have root on your machine at work, or a machine on the same net? If he was snooping the net as you telnet'ed home, you were just re-opening the door to him. Heck, maybe he didn't have the root password at all until you telneted in and changed it. -- | It must be true, Rob Quinn | | I saw it (703)904-2125 | | on tv. rquinn () sprint net | | Sprint Corporate Security |
Current thread:
- Re: at the risk of another flamefest.. Peter Jeremy (Jul 15)
- Re: at the risk of another flamefest.. David Stagner (Jul 15)
- identd hole? Brett L. Hawn (Jul 15)
- Re: identd hole? Rob Quinn (Jul 16)
- <Possible follow-ups>
- Re: at the risk of another flamefest.. Eugene Bradley (Jul 15)
- Re: at the risk of another flamefest.. Eugene Bradley (Jul 15)
- Re: at the risk of another flamefest.. Mike Neuman (Jul 15)
- Re: at the risk of another flamefest.. Brian Clapper (Jul 16)
- Re: at the risk of another flamefest.. David Miller (Jul 16)
- Re: at the risk of another flamefest.. David Stagner (Jul 16)
- [linux-security] sliplogin David Holland (Jul 16)
- Re: at the risk of another flamefest.. Steve \ (Jul 16)
- Re: at the risk of another flamefest.. Eugene Bradley (Jul 16)