North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: NYT: Internet attack called broad and long lasting

  • From: Fred Heutte
  • Date: Tue May 10 03:20:05 2005

NYT:

  The crucial element in the password thefts that provided access 
  at Cisco and elsewhere was the intruder's use of a corrupted 
  version of a standard software program, SSH. The program is 
  used in many computer research centers for a variety of tasks, 
  ranging from administration of remote computers to data transfer 
  over the Internet. 

  The intruder probed computers for vulnerabilities that allowed 
  the installation of the corrupted program, known as a Trojan 
  horse, in place of the legitimate program.

Ouch.  Makes me wonder how long before someone cracks the
ssh that you can order for T-Mobile Sidekicks like mine.
("Before"?  "Already!" . . . whatever)  It *is* handy in a pinch, 
I last used it to check a server quickly while I was sitting in the 
Rockpile (center field bleachers) at a Denver Rockies game last 
month :)  It's some flavor of ssh2, guess I'll have to ask my
friend who works at Danger which one.  The notion of
launching a DDOS from a cellphone is intriguing in a novelistic
sense and worrisome in a real.world sense.

-- Fred