Not to argue and bicker too much more (and hopefully not start a flame war),
but...

>From: mouss [mailto:[EMAIL PROTECTED]]

> From the README file of ethereal:
>"In order to capture packets from the network, you need to be 
>running as root,

Agreed, but it's not that hard to get a *nix box up and running (as root) on
a LAN, and to sniff passwords off the LAN (keyword here is _LAN_). Agreed,
it is difficult from the Internet, WAN, non-local subnet, etc., but a lot of
companies have all the admins on the same subnet, going to boxes on other
subnets. So the point is, _even_ on your LAN you shouldn't be using telnet
(which sends passwords in clear text) to get to the box for admin purposes
(i.e. you're either logging in as root, or going to su to root once there as
your personal account, either way, your password is in clear text out on the
LAN). 

It's not that far-fetched to imagine a disgruntled PC tech loading Linux up
(on a _spare_ PC, you know, just to check out Linux), putting it undetected
on the "admin" subnet, and letting it run a packet sniffer for a day or two
(or longer!), and then searching through the captured data, looking for root
passwords.


>you can only sniff packets travelling in lines physically connected to you.
>You can hardly
>ethersuck the other side of the moon.

The feeling I got was that Ronneil was discussing LAN activity, whereas you
are discussing remote (internet, WAN, non-local subnets, etc.) in which case
you are correct, that someone attacking you from the Internet in this way
is much more far-fetched!

>
>
>which enters in the "unless someone manages to run a packet ...."
>and that's the sense of my "exaggerated" qualifier. I mean, that's not
>as easy as running a sniffer on one's machine.

IMHO, it _IS_ that easy, when on a local LAN, and I thought that is where
Ronneil was coming from.

echo $flames_intended
flames_intended=false

Jeff
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
