[Sussex] unauthorised ssh attempts
Tony Austin
tony at gigaday.com
Fri Aug 20 17:52:56 UTC 2004
John
Interesting ...
>
> Not just the screen refreshes, but as the password is sent cleartext
> between the two machines, the password can simply be caught with the
> packet capture.
>
I think the VNC password is secure as, according to the documention, it is
sent encrypted using challenge-response.
However ...
> Take a session with an NT/200X server for example, press Ctrl-Alt-Del and
> type in the password for administrator. All the keystrokes being recorded
> by the hacker are played back, and your NT/200X server is compromised.
>
> The same goes with rlogin, rsh, rexec, ftp and telnet.
>
Keystroke recording sounds a bit more scary. I use RDP on Win2000
machines rather than VNC, but I can see that using a secure web page over
VNC would unsecure that web page. Also, I guess things like starting an
ssh session on a machine that I VNCed to in the first place would not be
such a good idea either.
Food for thought. Thanks.
> --
> John
>
Regards.
Tony Austin
Gigaday Computing Limited
http://www.gigaday.com
tony at gigaday.com
More information about the Sussex
mailing list