[PLUG] security?
Russ Johnson
russj at dimstar.net
Fri Mar 29 02:40:27 UTC 2002
At 04:46 PM 3/28/2002 -0800, you wrote:
>I didn't think ftp was insecure.
Well, if you consider sending passwords in clear text secure, then it's
secure. That's a design flaw of ftp. The protocol does not provide for
secure transmission of identifying data.
>I knew not to open up port 23, as I got my root password hacked a
>while back.
Exactly the same exploit works with ftp. Just sniff the packets.
Russ Johnson
Stargate Online
http://www.dimstar.net
telnet://telnet.dimstar.net
ICQ: 3739685
When the only tool you own is a hammer, every problem begins to resemble a
nail
- Abraham Maslow
More information about the PLUG
mailing list