Tonton Rabena wrote:
> ----- Original Message -----
> From: "Rafael R. Sevilla" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Saturday, June 23, 2001 8:58 PM
> Subject: Re: [plug] Allowing root to Telnet
> > I think that the vast majority of security breaches here at Inter.Net are
> > caused by crackers sniffing passwords revealed by telnet.
>
> I myself is using telnet, do you think they can sniff my password??
If you're sending packets over the public internet (e.g. through
networks beyond your control), it is very likely that someone,
somewhere, is sniffing them. If you're on a university LAN, the
probability approaches 100% ;-).
> security breaches were made by running exploitable daemons ...
Or unsafe protocols (of which Telnet, POP3 and IMAP are prime examples),
gullible/careless users, or incompetent/indifferent administrators.
> in the first place how could they run a sniffer if they dont have access to
> your servers?
But they don't need access to your server, they just have to see your
(telnet,pop3,imap,etc.) packets. There are ethernet packet sniffers for
most OS's, including Windows and DOS (we used them in college when
playing around with network protocols).
Brian
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
