Hello dear list, I must say it was (is!) a very nice event here in Bern.
The wlan network here was very well used, also by people
using CLEAR TEXT PROTOCOLS, which then let me discover MORE
CLEAR TEXT PASSWORDS.
Just a little summary:
- about 5 people using POP3, FTP, HTTP AUTH (w/o https)
- 4 E-Mail adresses containing partial customer data
- one nagios system (Hey, the guy I mean should check his
hosts, one has HTTPS down...)
- One time phpmyadmin (!) used, the databases stored there
contain clear text passwords (Partly). Btw, please fix
your typo3 installation.
So far, I am happy not to have found more insecure connections.
Happy Hacking and a nice evening,
Nico
P.S.: For all those not sure, whether they are affected, simply
change your password, I am perhaps not the only person that
knows your passwords now.
--
``...if there's one thing about Linux users, they're do-ers, not whiners.''
(A quotation of Andy Patrizio I completely agree with)
signature.asc
Description: Digital signature
_______________________________________________ swinog mailing list [email protected] http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
