NYT: Internet attack called broad and long lasting
Fred Heutte
aoxomoxoa at sunlightdata.com
Tue May 10 07:17:15 UTC 2005
NYT:
The crucial element in the password thefts that provided access
at Cisco and elsewhere was the intruder's use of a corrupted
version of a standard software program, SSH. The program is
used in many computer research centers for a variety of tasks,
ranging from administration of remote computers to data transfer
over the Internet.
The intruder probed computers for vulnerabilities that allowed
the installation of the corrupted program, known as a Trojan
horse, in place of the legitimate program.
Ouch. Makes me wonder how long before someone cracks the
ssh that you can order for T-Mobile Sidekicks like mine.
("Before"? "Already!" . . . whatever) It *is* handy in a pinch,
I last used it to check a server quickly while I was sitting in the
Rockpile (center field bleachers) at a Denver Rockies game last
month :) It's some flavor of ssh2, guess I'll have to ask my
friend who works at Danger which one. The notion of
launching a DDOS from a cellphone is intriguing in a novelistic
sense and worrisome in a real.world sense.
-- Fred
More information about the NANOG
mailing list