Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: telnet vs ssh on Core equipment , looking for reasons why ?

  • From: Alex Bligh
  • Date: Tue Jul 31 17:41:05 2001

Randy Bush wrote:
this is based on the fantasy that nobody inside is rotten.  this is
amusing at best, considering how much damage is done by inside jobs.
esp. if you count that part of the damage that is not
deliberately malicious (a.k.a. 'I was only trying to help').

Sources will relate over beer an interesting real-time
full-sirens-and-lights attempt to trace and close down a hacker
running all sorts of snoop programs etc. who turned out to be
an employee 'only trying to help'. Also no ends of restrictions
on ACLs etc. are put there by people 'only trying to help',
people who don't understand RCS editing RCS controlled files
via su and laying a booby trap for someone later on, etc. etc.

Perhaps this wasn't the 'rotten' / 'inside job' you meant, but
its >10 times more common, and >>10 times more dangerous.

--
Alex Bligh
Personal Capacity





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.