telnet vs ssh on Core equipment , looking for reasons why ?
alex at alex.org.uk
Tue Jul 31 21:38:31 UTC 2001
Randy Bush wrote:
> this is based on the fantasy that nobody inside is rotten. this is
> amusing at best, considering how much damage is done by inside jobs.
esp. if you count that part of the damage that is not
deliberately malicious (a.k.a. 'I was only trying to help').
Sources will relate over beer an interesting real-time
full-sirens-and-lights attempt to trace and close down a hacker
running all sorts of snoop programs etc. who turned out to be
an employee 'only trying to help'. Also no ends of restrictions
on ACLs etc. are put there by people 'only trying to help',
people who don't understand RCS editing RCS controlled files
via su and laying a booby trap for someone later on, etc. etc.
Perhaps this wasn't the 'rotten' / 'inside job' you meant, but
its >10 times more common, and >>10 times more dangerous.
More information about the NANOG