[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ssh - How widely used?

To: [email protected] (Jonathan Corbet)
Subject: Re: ssh - How widely used?
From: Eric Murray <[email protected]>
Date: Fri, 27 Sep 1996 09:21:57 -0700 (PDT)
Cc: [email protected]
In-Reply-To: <[email protected]> from "Jonathan Corbet" at Sep 27, 96 09:01:30 am
Sender: [email protected]

Jonathan Corbet writes:

[stuff about SSH deleted]

> When my local ISP found a password sniffer running on his machine and went
> into red alert, I just smiled and didn't bother to change my passwords on
> hosts I had logged into via the ISP's net.

You probably should.  There's more places to 'sniff' information than
just from the network.  An example is the Streams-based tty snooper.
It pushes a Streams module between the tty and the shell.
No encryption program can protect that, as it has to be in
the clear unless you can do RC4 in your head. :-)

The program I'm thinking of (sorry I forgot the name) lets the operator
both read and write to any tty session on the machine.

-- 
Eric Murray  [email protected]  [email protected]  http://www.lne.com/ericm
If you don't see the fnords, they won't eat your packets.  If you do see the
fnords, they will eat your packets, so you won't see them.
PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03  92 E8 AC E6 7E 27 29 AF

References:
- Re: ssh - How widely used?
  - From: Jonathan Corbet <[email protected]>

Prev by Date: Re: Public Schools
Next by Date: David Sobel interview on ISP-TV Monday Night Sept. 30
Prev by thread: Re: ssh - How widely used?
Next by thread: Re: ssh - How widely used?
Index(es):
- Date
- Thread