ssh - How widely used?
Eric Murray
ericm at lne.com
Fri Sep 27 13:12:11 PDT 1996
Jonathan Corbet writes:
[stuff about SSH deleted]
> When my local ISP found a password sniffer running on his machine and went
> into red alert, I just smiled and didn't bother to change my passwords on
> hosts I had logged into via the ISP's net.
You probably should. There's more places to 'sniff' information than
just from the network. An example is the Streams-based tty snooper.
It pushes a Streams module between the tty and the shell.
No encryption program can protect that, as it has to be in
the clear unless you can do RC4 in your head. :-)
The program I'm thinking of (sorry I forgot the name) lets the operator
both read and write to any tty session on the machine.
--
Eric Murray ericm at lne.com ericm at motorcycle.com http://www.lne.com/ericm
If you don't see the fnords, they won't eat your packets. If you do see the
fnords, they will eat your packets, so you won't see them.
PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03 92 E8 AC E6 7E 27 29 AF
More information about the cypherpunks-legacy
mailing list