LISTSERV - HP3000-L Archives

HP3000-L Archives

August 1997, Week 2

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L August 1997, Week 2

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Security Concern
From:	"Stigers, Gregory - ANDOVER" <[log in to unmask]>
Reply To:	Stigers, Gregory - ANDOVER
Date:	Tue, 12 Aug 1997 11:51:03 -0400
Content-Type:	text/plain
Parts/Attachments:	text/plain (43 lines)

I will once again recommend Clofford Stoll's 'The Cuckoo's Egg: Tracking
a Spy through the Maze of Computer Espionage'. When their hacker
connected to an unknown system, he generally tried common / default user
id - password combinations until he was kicked off after too many failed
attempts. Then he moved on. Once he got on to a system, he would search
email and scripts for ids and passwords to leverage that access. His
array of tricks was formidable, once he got on; most puzzling of all, he
was copying encrypted password lists. Interestingly enough, the primary
way they tracked their hacker without him detecting a 'watcher' was by
finding the dial in line he was using, and splitting it to a printer.

Much of the skullduggery in that book has affected how I see security. I
avoid pass through authentication among systems on which my role
differs, since having my password on any one means having it on another.
My co-workers think I'm nuts, since my own log on to my own PC requires
four passwords. Then, when it comes time for them to change a password,
they have long since forgotten the password that their password list
remembers for them. Now if someone would just tell me where to get one
of those malicious programs that de-encrypted Windows PWLs...

But I would say, challenge away. I would rather get beat up by a clever
student or user, than by someone who knows what to look for. In fact, at
the University where I taught Intro to the Personal Computer, the
previous NetWare admin was at a one-day training class, with no known
way to contact him. Early that morning, someone signed on as each of the
faculty (first initial, last name), and, judging by the rapidity with
which this was done, just hit [Enter] at the password prompt. The
intruder detection lockout was set indefinitely, requiring that the
admin manually reset it. This locked out all faculty, all day.

>----------
>From:  Bob Feighner
>Sent:  Monday, August 11, 1997 3:11 PM
>To:    [log in to unmask]
>Subject:       [HP3000-L] Security Concern
>
>OK, we have the HP3000 locked up in a room. We have the IP address invisible
>to
>non-campus users. The modem line is switched 'off-line' except when we
>specifically need it. Are we safe? Hardly.
><snip>
>(Don't EVER challenge them like this).

ATOM RSS1 RSS2

RAVEN.UTC.EDU