[Gllug] SFTP Server
Doug Winter
doug at pigeonhold.com
Wed Apr 9 14:37:34 UTC 2003
On Wed 09 Apr David Damerell wrote:
> On Wednesday, 9 Apr 2003, Doug Winter wrote:
> >Personally I'd say that this doesn't increase security by much in the
> >real world. Yes, someone could be sniffing your network, but in
> >reality they aren't. Although it's a plausible risk, it's not a high
> >one.
>
> In reality they are. When I was in academentia, at least half the
> machines the university had cracked had sniffers installed on them.
> Our single biggest incident in the Department I worked in was a direct
> result of efficient use of password sniffers.
But if the machine you are actually using has been cracked, then
encrypting stuff on the wire does you no good - you've been 0wned
already.
And if it hasn't, and you are on a switched network (which pretty much
everyone is now), then they can't sniff you from somewhere else.
doug.
--
1024D/6973E2CF print 2C95 66AD 1596 37D2 41FC 609F 76C0 A4EC 6973 E2CF
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 240 bytes
Desc: not available
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20030409/04315ce0/attachment.pgp>
More information about the GLLUG
mailing list