Cory Thanks for the response and clarifing server and client security. I've learned a lot from the group and how important it is to be proactive with your computer or network. As Larry Price said "Whewhoo, I'm not the only person who's not insanely paranoid. ". I don't think he's the only one. You and the whole group has helped me in a learning process about security and networking. I thought you would give a good response that why I asked the question. Thank you.
When I read about the hardware keyboard logger one site I was amazed. I thought how easy it would be to put one on a machine. But the hardware keyboard logger is Operating System blind. It doesn't care what OS your running it's there to capture keystrokes. Again Thanks Tim On Sunday 21 July 2002 23:47, you wrote: > Tim, > > Just because a system runs windows doesn't mean it is insecure. If this > were true then every windows system on the internet would be cracked via > worms and crackers. The windows kernel may be insecure and have it's > problems, but what is more important for first contact are the services > running on the network interface. If the service is insecure, such as > IIS then this allows a cracker to enter the system. > > Sshd on cygwin is the same as sshd on unix. In general, if it is > insecure on windows then it is insecure on unix. If there is a security > vulnerability, that is. > > Sshd and cygwin on windows may be setup improperly and thus allow a user > to gain access to things he shouldn't. This is easier to mess up on > windows than it is on unix because of default installation > configuration. However for my purposes, my ntlogcheck program and I are > the only ones that I allow to log in to my windows servers through ssh. > > So the answer to your question is no. Cygwin and ssh can be configured > securely to allow users to log in to it without gaining access to things > they should not. The question about keyboard loggers and other programs > is not relevant. One can write the same on unix. Some keyboard loggers > are hardware devices that sit between the keyboard and the computer. > However when one logs in to a server via ssh, the server keyboard is not > used. > > Cory > > On Sat, Jul 20, 2002 at 12:43:07PM -0500, Timothy Bolz wrote: > > Cory > > Wouldn't cygwin and sshd be insecure because it's on a windows box. > > Because in windows you can run keyborard loggers and other programs. > > Just Curious. Tim > > > > On Saturday 20 July 2002 02:13, you wrote: > > > I use cygwin. Especially sshd. I've got a linux server that connects > > > to windows machines via ssh, dumps their event logs into a mysql > > > database, then runs ignore queries to product an email report for me. > > > It works much like logcheck for unix. I've been intending to post to > > > the list to see if there is interest others trying to implement the > > > code. Consider it announced. > > > > > > On Fri, Jul 19, 2002 at 03:50:29PM -0700, Benjamin Huot wrote: > > > > Does anyone else use popular GNU programs on Windows - OpenOffice, > > > > Abiword, Gimp, gVim, BASH, HTMLdoc? > > > > > > > > Landscapes of the Mind > > > > [EMAIL PROTECTED]
