Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 26 Jun 1995 08:10:32 +0200
From:      Mark Murray <mark@grondar.za>
To:        ache@astral.msk.su
Cc:        Mark Murray <mark@grondar.za>, Poul-Henning Kamp <phk@freefall.cdrom.com>, csgr@freebsd.org, current@freebsd.org, gibbs@freefall.cdrom.com, jkh@freefall.cdrom.com, paul@freebsd.org, rgrimes@gndrsh.aac.dev.com, Garrett Wollman <wollman@halloran-eldar.lcs.mit.edu>
Subject:   Re: Crypt code summary(2). 
Message-ID:  <199506260610.IAA11689@grumble.grondar.za>

next in thread | raw e-mail | index | archive | help
> >You guys want to hear something frightening? Eric Young (the `eay' in
> >SSLeay) has a friend who will make SATAN look stupid. He has, and is
> >going to release code that will snoop passwords out of new telnet and
> >FTP sessions. The purpose is to force the use of this (or any
> >equivalent technology). _They_ would prefer this to be SSLeay.
> 
> It isn't surprise, such code exists long time, if you have
> root on any machine in the local ethernet f.e, you can
> set card to promisc. mode and grab all traffic that goes through
> your local net, including ftp/telnet passwords. In more
> intelligent way you can use BPF filtering for it as tcpdump
> does. Then small artifical intelligense to recognize
> passwords through incoming data...

Sure. The concept has been around for a while. The point here is now this
code is going to be unleashed, and every twit-not-programmer will have the
tools to snoop with his FreeBSD/NetBSD/Linux box. Just like Crack - very
few dictionary attacks actually happened until this one came around. Now
most wise fols are running some form of shadow password.

M

--
Mark Murray
46 Harvey Rd, Claremont, Cape Town 7700, South Africa
+27 21 61-3768 GMT+0200



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199506260610.IAA11689>