----- Original Message ----- From: "Hugo Vanwoerkom" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, December 05, 2003 12:47 Subject: Re: Debian Investigation Report after Server Compromises
> Hoyt Bailey wrote: > > ----- Original Message ----- > > From: "csj" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Sent: Wednesday, December 03, 2003 22:40 > > Subject: Re: Debian Investigation Report after Server Compromises > > > > > > > >>On 3. December 2003 at 5:52PM -0800, > >>Vineet Kumar <[EMAIL PROTECTED]> wrote: > >> > >> > >>>* Monique Y. Herman ([EMAIL PROTECTED]) [031203 16:59]: > >>> > >>>>I have been wondering about the password-sniffing thing, too. > >>>>If you send a password using ssh, isn't it encrypted? > >>>> > >>>>I suppose some debian developer's kid sister could have > >>>>installed a keystroke logger on the dev machine ... um ... > >>> > >>>Almost there -- minus the assumption that one needs physical > >>>access to a machine to install a keystroke logger. At the risk > >>>of perpetuating the telephone game, I recall reading that the > >>>developer's machine had been rooted. I didn't hear how, but I > >>>don't really see how it matters. I picture an always-on > >>>machine in someone's home on a DSL or cable line. > >> > >>Now I'm curious: is it possible to get rooted while on dialup? > >>I'm thinking of a user with access to a slow but dirt cheap > >>dialup connection and so is online for significant stretches, > >>say, eight hours. This also assumes that no trojans or similar > >>have been installed on the user's system. > >> > > > > FYI. As one who has caught several virisus. It can happen on dialup and it > > has always happened to me while downloading virisus definitions from > > Norton.com. > > Virus definitions for Linux from norton.com? > > > Hugo. > Of course not however I believe a virus is a virus which needs to be modified to infect any OS. The question was about dialup I think it applys. Hoyt -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
