Date: Mon, 23 Aug 1999 18:39:47 -0400 From: "Mark S. Reichman" <reichman@twcny.rr.com> To: avenger <arch@ecis.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Logging in as root Message-ID: <37C1CDB3.CCA57CA6@twcny.rr.com> References: <99082216103500.00824@Orion>
next in thread | previous in thread | raw e-mail | index | archive | help
Any time you log in as root remotely over a network with a unencrypted data stream anyone on the network can sniff your password whether you log in as root or a joe schmoe user if they are so inclined. Your network packets are visible to anyone on your subnet. A sniffer can see and reprint anything you type that hits the network if the sniffer is located in the right place. Sniffers can take the unencrypted data stream and put the packets together and print them out or save them to a file. It is very easy to search a huge unencrypted file for root<cr> or su<cr> or su -<cr> and then look for the unencrypted text following, which would be the root password. :) I, ofcourse, have never done this. :P If the data stream hitting the network is encrypted(ssh2) then the sniffed text wont make any sense to a human or supposedly any known/available decryption program at this time. If you log on directly at the console of the machine then the network is not involved, so the only way a password can be compromised is if someone is watching you type or the permissions of the password file in /etc are hosed. Disclaimer: I am no security expert and there are many security concerns. (setuid root, active ports) From what I have seen/read, many people use ssh2 for remote communications. This would be your best bet if you are worried about someone stealing your root password off a network. avenger wrote: > > While i am not dumb and dont log in as root always, every so often i need > to log in as root for various things. what i am asking is, as root, do i open up > any sort of security issue when connected online (i.e. some sort of a hole that > will compromise my system) ? I dont run a firewall. Besides being dangerous to > myself, can someone else mess with my system while i am root, or is the danger > the same as logging in as a regular user? > > thanks > Dan > arch@ecis.com > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?37C1CDB3.CCA57CA6>