North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Rootshell pages hacked
At 09:51 AM 11/2/98 -0500, Adam Rothschild wrote: >On Mon, 2 Nov 1998, Alex P. Rudnev wrote: > >> problem, UNIX one-time passwords are real problem. Another bad problem is >> _the same UNIX password for all purposes_ - I can sniff your FTP password >> and use it for SSH access (for example). > >Very true. Then again, FTP'ing in cleartext is kinda stupid in and of >itself. Why not just FTP thru an SSH tunnel? Or, if you're up for >an adventure (and a not-totally-complete(TM) spec), try the secure file >xfer stuff in SSH2... Or, for the unix-inclined, scp works rather well under SSH 1.2.x -- My public PGP key may be found at http://www.lightning.net/~jreddy John Patrick Reddy Sr. System Administrator Lightning Internet Services, LLC. Tel.(516)248-8400x123 327 Sagamore Ave Pag.(888)935-2700 Mineola, NY 11501 Fax.(516)248-8897
|