Re: 3rd party liability Was RE: This is a must read document

[Roy Rapoport]

On Mon, 11 Jun 2001, Zachary Uram wrote:
> > a well-configured SSH server and you break into it because you used EM
> > snooping to listen to my keystrokes, I'm obviously not at fault for what
> 
> Are there any cases of private individuals hacking sites through
> EM snooping. How would you catch them if there is no logs, no
> trace of the intrusion???

EM snooping, as I'm thinking of it (we're leaving aside the growing number
of 802.11b networks out there -- I'm writing this from my living room using
an 802.11b network), wouldn't actually be used to _hack_ the site, but
rather to find a usable password/username pair.  Once you have that, you'll
still need to use an active measure (to differentiate from the passive
measure that is EM snooping) to log into the system.  You'd get logs from
that.

-roy

-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]