Date: Thu, 1 Jan 1998 17:52:22 -0500 (EST) From: mgraffam@mhv.net To: "Randy A. Katz" <randyk@ccsales.com> Cc: mgraffam@mhv.net, Steve Hovey <shovey@buffnet.net>, questions@FreeBSD.ORG Subject: Re: HACKED (again) Message-ID: <Pine.LNX.3.96.980101172736.28029E-100000@localhost> In-Reply-To: <3.0.5.32.19980101143122.02cd5740@ccsales.com>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- On Thu, 1 Jan 1998, Randy A. Katz wrote: > >I dont think this is necessarily a problem with ssh. Ssh's security can > >be circumvented through the insecurity of other things that are running, > >such as ftp. > How do they get that kind of control with ftp? Are there standard exploits? > I had removed all anonymous access to that box...guess that wasn't it, eh? Well, because ftp's passwords are sent in the clear one can sniff an FTP session to get the account password, and like I said before once they do this..they can change the user's ssh config files to get through ssh. This is a common attack, a friend of mine had his system hacked in exactly this way.. fortunately the attacker was a good natured guy, and emailed his logs and details on the attack to my friend, who then secured ftp. Michael J. Graffam (mgraffam@mhv.net) http://www.mhv.net/~mgraffam -- Philosophy, Religion, Computers, Crypto, etc "Enlightenment is man's emergence from his self-incurred immaturity. Immaturity is the inability to use one's own understanding without the guidance of another. . .Sapere aude! Have the courage to use your own understanding!" - Immanuel Kant "What is Enlightenment?" -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use Charset: noconv iQCVAwUBNKweLAKEiLNUxnAfAQFQVQP/Q2EmcKa0NjrC+5+XQf4OFqPK6GrMdEqv fe0tdq0nVqAdYRlf0imPp701i95tTzXN4CiefrJTjX2g84ORSXI7F/ioouy8Vuax CbzQ7NyJNymmvPodMnI0OwdLZAKl+JC6sPooeELWRXkT/yBdAveG2nMt4xKGL6pt 6mhNR3DsnJw= =NUb3 -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.3.96.980101172736.28029E-100000>