[PLUG] security?

Russ Johnson russj at dimstar.net
Fri Mar 29 23:52:28 UTC 2002


On Fri, 2002-03-29 at 15:35, Bill Spears wrote:
> Russ, so the way this works is someone along the net-route of the 
> packets reads your id and password?  How could that happen between me 
> and my ISP for example, or if I were being hosted at www.cheaphost.com, 
> and I needed to upload my .html files by ftp?

Packets get routed all over the world. With automated logins, it's
entirely possible for both username and password to be in the same
packet. 

It's harder if you have a modem connection between you and you ISP, but
even that's not foolproof, as many ISPs have modem pools in the CO that
simply dump into the ether. Then it's routed along with everything else.

It's not unusual for packets from my place of employment to be routed
from downtown Portland, to Seattle, through the Bay Area, and finally
make it back through Portland to Aloha. With it going through the NOC in
the Bay Area, there's A LOT of peering going on there, and one sniffer
can capture a lot of data quickly. 

The point is that it's a possible point of exploitation. I can use a
clothespin on my gate to hold it shut, but it doesn't take much to break
that security. SCP and SFTP are useful, and available. 

Why take the risk?

Russ






More information about the PLUG mailing list