Cameron Kaiser wrote: > If I may say (nothing here stated against Mr. Johnson or his IT group), a lot > of ISPs have it in their head that shells are inherently insecure based on > events like these, whereas an unprotected SLIP/PPP dialup can be equally > damaging and give hackers a difficult-to-trace entry point to other systems, > just like a shell prompt.
Shell accounts are not inherently insecure. I never said that and any ISP that says that to you is either ignorant, lying, or (moist likely) simplifying things for their (largely non-technical ) users. However, shell accounts in the hands of 400-700 non-professionals who then set their passwords to 'malibu' because "...that's the name of my dog, and no one would think of naming their dog 'Malibu'"...is *another* entire kettle of fish. And actually, if someone uses our dial-in terminal server to attack someone, we know 'who' (as in the user that authenticated to the server) was using which line when, and the phone co will give us the phone number involved. -- Bruce Johnson University of Arizona College of Pharmacy Information Technology Group Institutions do not have opinions, merely customs -- PowerBooks is sponsored by <http://lowendmac.com/> and... Small Dog Electronics http://www.smalldog.com | Enter To Win A | -- Canon PowerShot Digital Cameras start at $299 | Free iBook! | Support Low End Mac <http://lowendmac.com/lists/support.html> PowerBooks list info: <http://lowendmac.com/lists/powerbooks.shtml> --> AOL users, remove "mailto:"; Send list messages to: <mailto:[EMAIL PROTECTED]> To unsubscribe, email: <mailto:[EMAIL PROTECTED]> For digest mode, email: <mailto:[EMAIL PROTECTED]> Subscription questions: <mailto:[EMAIL PROTECTED]> Archive: <http://www.mail-archive.com/powerbooks%40mail.maclaunch.com/> Using a Mac? Free email & more at Applelinks! http://www.applelinks.com
