[21060] in North American Network Operators' Group
Re: Rootshell pages hacked
daemon@ATHENA.MIT.EDU (alex@nac.net)
Mon Nov 2 20:30:12 1998
From: alex@nac.net
Date: Mon, 2 Nov 1998 15:32:35 -0500 (EST)
To: Ryan Pavely <paradox@nac.net>
cc: Michael Freeman <mikef@boris.talentsoft.com>,
"Adam D. McKenna" <adam@flounder.net>, Joe Shaw <jshaw@insync.net>,
JR Mayberry <rick@magpage.com>, neil <neil@junior.uwc.ac.za>,
Russ Haynal <russ@navigators.com>, nanog@merit.edu
In-Reply-To: <363BCAC9.8E58835E@nac.net>
>
> Moral.. Don't trust ssh.
>
> -Ryan
> Net Access Corporation
Even though he works for me, I don't agree with him.
SSH inherently itself is quite secure, obviously. I use it daily and
encourage our staff to do the same.
The exploit (really, trojan horse) that Ryan describes is something you
can do on your own machine to capture other folks passwords.
This, however, is true in most cases.
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Atheism is a non-prophet organization. I route, therefore I am.
Alex Rubenstein, alex@nac.net, KC2BUO, ISP/C Charter Member
Father of the Network and Head Bottle-Washer
Net Access Corporation, 9 Mt. Pleasant Tpk., Denville, NJ 07834
Don't choose a spineless ISP; we have more backbone! http://www.nac.net
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
