Rootshell pages hacked

Adam Rothschild asr at millburn.net
Mon Nov 2 14:51:32 UTC 1998


On Mon, 2 Nov 1998, Alex P. Rudnev wrote:

> problem, UNIX one-time passwords are real problem. Another bad problem is 
> _the same UNIX password for all purposes_ - I can sniff your FTP password 
> and use it for SSH access (for example).

Very true.  Then again, FTP'ing in cleartext is kinda stupid in and of
itself.  Why not just FTP thru an SSH tunnel?  Or, if you're up for
an adventure (and a not-totally-complete(TM) spec), try the secure file
xfer stuff in SSH2...





More information about the NANOG mailing list