From: Eric Murray <ericm@lne.com>
To: corbet@stout.atd.ucar.edu (Jonathan Corbet)
Message Hash: cca05e79eca8b4a73f31604dc6cf65b5c42f2934a15a203c3fe9f28005ccfe9a
Message ID: <199609271621.JAA25705@slack.lne.com>
Reply To: <199609271501.JAA14868@atd.atd.ucar.EDU>
UTC Datetime: 1996-09-27 20:12:11 UTC
Raw Date: Sat, 28 Sep 1996 04:12:11 +0800
From: Eric Murray <ericm@lne.com>
Date: Sat, 28 Sep 1996 04:12:11 +0800
To: corbet@stout.atd.ucar.edu (Jonathan Corbet)
Subject: Re: ssh - How widely used?
In-Reply-To: <199609271501.JAA14868@atd.atd.ucar.EDU>
Message-ID: <199609271621.JAA25705@slack.lne.com>
MIME-Version: 1.0
Content-Type: text/plain
Jonathan Corbet writes:
[stuff about SSH deleted]
> When my local ISP found a password sniffer running on his machine and went
> into red alert, I just smiled and didn't bother to change my passwords on
> hosts I had logged into via the ISP's net.
You probably should. There's more places to 'sniff' information than
just from the network. An example is the Streams-based tty snooper.
It pushes a Streams module between the tty and the shell.
No encryption program can protect that, as it has to be in
the clear unless you can do RC4 in your head. :-)
The program I'm thinking of (sorry I forgot the name) lets the operator
both read and write to any tty session on the machine.
--
Eric Murray ericm@lne.com ericm@motorcycle.com http://www.lne.com/ericm
If you don't see the fnords, they won't eat your packets. If you do see the
fnords, they will eat your packets, so you won't see them.
PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03 92 E8 AC E6 7E 27 29 AF
Return to September 1996
Return to “Roger Williams <roger@coelacanth.com>”