[Sussex] unauthorised ssh attempts

Tony Austin tony at gigaday.com
Fri Aug 20 17:52:56 UTC 2004


Interesting ...

> Not just the screen refreshes, but as the password is sent cleartext
> between the two machines, the password can simply be caught with the
> packet capture.

I think the VNC password is secure as, according to the documention, it is
sent encrypted using challenge-response.

However ...

> Take a session with an NT/200X server for example, press Ctrl-Alt-Del and
> type in the password for administrator. All the keystrokes being recorded
> by the hacker are played back, and your NT/200X server is compromised.
> The same goes with rlogin, rsh, rexec, ftp and telnet.

Keystroke recording sounds a bit more scary.  I use RDP on Win2000
machines rather than VNC, but I can see that using a secure web page over
VNC would unsecure that web page.  Also, I guess things like starting an
ssh session on a machine that I VNCed to in the first place would not be
such a good idea either.

Food for thought.  Thanks.

> --
> John


Tony Austin
Gigaday Computing Limited
tony at gigaday.com

More information about the Sussex mailing list