[100] in I/T Delivery
Why we need to use encrypted telnet....
daemon@ATHENA.MIT.EDU (Mike Barker)
Mon Sep 29 17:39:01 1997
To: delivery@MIT.EDU
Date: Mon, 29 Sep 1997 17:38:50 EDT
From: Mike Barker <mbarker@MIT.EDU>
here's a copy of that article.
mike
------- Forwarded Message
Date: Tue, 23 Sep 1997 19:51:23 -0400
Message-Id: <199709232351.TAA00856@dcl.MIT.EDU>
From: "Theodore Y. Ts'o" <tytso@MIT.EDU>
To: itit@MIT.EDU
Subject: Why we need to use encrypted telnet....
Address: 1 Amherst St., Cambridge, MA 02139
Phone: (617) 253-8091
The following should serve as a wakeup call to those who are still using
unencrypted telnet sessions..... there are now painless tools to do
telnet hijacking. It's only going to be a matter of time before a
critical mass of bored high school students (tm) pick up on this
technique....
- Ted
------- Forwarded Message
Date: Tue, 23 Sep 1997 09:57:43 -0700
From: Bill Faust <faust@pobox.com>
To: linux-security@redhat.com
Subject: [linux-security] C't Article on Juggernaut
There is a recent article in the German magazine C't that may be of
interest to those on this list. It describes a cracker program,
Juggernaut, which can hijack telnet sessions. The program is written
specifically to run under Linux. An english translation of the article
is available at:
http://www.ix.de/ct/english/9710142/
It also mentions that they are working on a version of the program that
runs from a boot floppy. That is, walk up to any PC (probably not
running Linux) on a given network , boot Linux from floppy, run
Juggernaut to hijack telnet sessions, do all sorts of bad things, eject
floppy, and go away.
Since the program is widely circulated, everyone should at least be
aware of the attack.
- - --
Bill Faust
- - --
- - ----------------------------------------------------------------------
Please refere to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
- - ----------------------------------------------------------------------
To unsubscribe: mail -s unsubscribe test-list-request@redhat.com < /dev/null
------- End of Forwarded Message
