Recently, a Linux box that I had a part in setting up as a web server was
hacked and a Zombie program deposited on it. The consensus was that the
hacker probably got in through ftp. I've read all the past postings on how
ftp passes id and passwords in the clear, but I'm not sure how the hacker
captures these unencrypted messages if he can't physically place a sniffer
on the network? I went to the OpenSSH site and read that eavesdropping and
connection hijacking are problems with ftp but could not find how these
worked. My first question is: What are the actual mechanics of hacking into
a machine through an ftp hole if you don't have physical access to the
network?
My second question is: If a hacker can't sniff the ids and passwords and
must resort to programs that guess, then why is ssh considered more secure?
Couldn't the hacker use these same programs to guess an id and password for
let's say a PuTTY session?
Tom Laurie
NH Office of Emergency Management
Systems Manager
603 223-3617