Date: Wed, 4 Apr 2001 09:50:47 -0400 From: Gary Geisbert <ggeisbert@e-centives.com> To: Jon Rust <jpr@vcnet.com>, freebsd-questions@freebsd.org Subject: Re: 4.2S compromised: what now? Message-ID: <01040409504704.40117@fbsd.bethesda.emaginet.com> In-Reply-To: <20010404102928.A23357@mail.vcnet.com> References: <20010404102928.A23357@mail.vcnet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wednesday 04 April 2001 13:29, Jon Rust wrote: > > The thing that concerns me is, how did they get into this account? I would start looking elsewhere on your network for answers. Your network is only secure as your weakest link.. :-\ Perhaps the user uses the same password for all accounts, and someone rooted another machine on your network, and setup a sniffer...? The best way to do it, is the same way you do a risk analysis, and work backwards. Think of all the steps that would have to happen for someone to compromise the users' password, and I'm sure you'll get pointed in the right direction. Good luck // Gary To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01040409504704.40117>