From owner-freebsd-questions Sun Jul 29 20:49:22 2001 Delivered-To: freebsd-questions@freebsd.org Received: from chmls06.mediaone.net (chmls06.mediaone.net [24.147.1.144]) by hub.freebsd.org (Postfix) with ESMTP id 64A7337B401 for ; Sun, 29 Jul 2001 20:49:17 -0700 (PDT) (envelope-from leblanc@acadia.ne.mediaone.net) Received: from acadia.ne.mediaone.net (acadia.ne.mediaone.net [65.96.185.189]) by chmls06.mediaone.net (8.11.1/8.11.1) with ESMTP id f6U3nAg25081; Sun, 29 Jul 2001 23:49:10 -0400 (EDT) Received: (from leblanc@localhost) by acadia.ne.mediaone.net (8.9.3/8.9.3) id XAA07383; Sun, 29 Jul 2001 23:29:23 -0400 Date: Sun, 29 Jul 2001 23:29:22 -0400 From: Louis LeBlanc To: Ted Mittelstaedt , freebsd-questions@FreeBSD.org Subject: Re: URGENT - Seems like i've been hacked... what to do now? Message-ID: <20010729232922.A7149@acadia.ne.mediaone.net> Reply-To: freebsd-questions@FreeBSD.org Mail-Followup-To: Ted Mittelstaedt , freebsd-questions@FreeBSD.org References: <20010728142816.A29383@acadia.ne.mediaone.net> <003001c117f7$b619f540$1401a8c0@tedm.placo.com> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <003001c117f7$b619f540$1401a8c0@tedm.placo.com> User-Agent: Mutt/1.3.19i X-bright-idea: Lets abolish HTML mail! Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On 07/28/01 11:28 PM, Ted Mittelstaedt sat at the `puter and typed: > > Whoah, baby, Whoah!!! > > Do not fall for the idea that just because sshd has something to do with > encryption that it is in any way "secure" > > sshd has just as much potential for being hacked into as telnetd. If you > don't believe me then ask SSH corporation - they just announced a > vulnerability in their latest implementation of sshd. > > Remember - all programs are insecure. The only difference is whether or > not their vulnerabilities have been discovered yet. If you really want > a totally secure computer then turn it off!!! > > Ted Mittelstaedt tedm@toybox.placo.com > Author of: The FreeBSD Corporate Networker's Guide > Book website: http://www.freebsd-corp-net-guide.com > I stand corrected. I should really be more careful of my use of the word 'secure'. That is how I should have put it in my previous message, with quotes, as well as a qualifier of my use of the word. Anyway, I apologise if I have mislead anyone into a false sense of security. Here is my take: I feel safer executing commands and passing sensitive data like passwords over a 'secure' connection. These connections are encrypted and 'typically' much more difficult to eavesdrop on once they are established. Of course, for my situation, this is typically good enough. I know there is nothing of any use to anyone else, and I am relatively sure that even if someone were to crack into my system, they would find, not the equivalent of Fort Knox, but a pretty much barren wasteland. The only use anyone would have of my system is as a jumping off point to hack another system or as a multi-homed DOS attack. And I am sure there are plenty of other systems out there that are much easier targets. Sounds cold, but I see it as a case of "I don't have to outrun the bear, I just have to outrun the other guy". The bear will usually take the easier target, and there are plenty of them out there. If it is just a trophy hunter, who simply wants to hack it because it _is_ a more difficult target, why not hit a more visible target, like the IRS? They were hacked recently, weren't they? Ah, well. I could be flirtin' with disaster here, but . . . Thanks for the correction Ted :) -- Louis LeBlanc leblanc@acadia.ne.mediaone.net Fully Funded Hobbyist, KeySlapper Extrordinaire :) http://acadia.ne.mediaone.net ԿԬ brain, n: The apparatus with which we think that we think. -- Ambrose Bierce, "The Devil's Dictionary" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message