nanog mailing list archives
Re: Rootshell pages hacked
From: Adam Rothschild <asr () millburn net>
Date: Mon, 2 Nov 1998 09:51:32 -0500 (EST)
On Mon, 2 Nov 1998, Alex P. Rudnev wrote:
problem, UNIX one-time passwords are real problem. Another bad problem is _the same UNIX password for all purposes_ - I can sniff your FTP password and use it for SSH access (for example).
Very true. Then again, FTP'ing in cleartext is kinda stupid in and of itself. Why not just FTP thru an SSH tunnel? Or, if you're up for an adventure (and a not-totally-complete(TM) spec), try the secure file xfer stuff in SSH2...
Current thread:
- Re: Rootshell pages hacked Adam D. McKenna (Nov 01)
- Re: Rootshell pages hacked Paul Vixie (Nov 01)
- Re: Rootshell pages hacked Henry Linneweh (Nov 01)
- <Possible follow-ups>
- Re: Rootshell pages hacked Alex P. Rudnev (Nov 02)
- Re: Rootshell pages hacked Adam Rothschild (Nov 02)
- Re: Rootshell pages hacked John P. Reddy (Nov 02)
- Re: Rootshell pages hacked Mikael Abrahamsson (Nov 02)
- Re: Rootshell pages hacked Adam Rothschild (Nov 02)
- Re: Rootshell pages hacked Paul Vixie (Nov 01)
- Re: Rootshell pages hacked John Hawkinson (Nov 02)
- Re: Rootshell pages hacked Adam D. McKenna (Nov 02)
- Re: Rootshell pages hacked themonk (Nov 02)
- Re: Rootshell pages hacked Ryan Pavely (Nov 02)
- Re: Rootshell pages hacked alex (Nov 02)
- Re: Rootshell pages hacked Alex P. Rudnev (Nov 05)
- Re: Rootshell pages hacked Michael Freeman (Nov 05)
- old s/key patch for SSH (was Re: Rootshell pages hacked) John Hensley (Nov 05)
- Re: Rootshell pages hacked Michael Freeman (Nov 05)