[PLUG] security?

[Bill Spears]

Russ Johnson wrote:

> On Fri, 2002-03-29 at 15:35, Bill Spears wrote:
> 
>>Russ, so the way this works is someone along the net-route of the 
>>packets reads your id and password?  How could that happen between me 
>>and my ISP for example, or if I were being hosted at www.cheaphost.com, 
>>and I needed to upload my .html files by ftp?
>>
> 
> Packets get routed all over the world. With automated logins, it's
> entirely possible for both username and password to be in the same
> packet. 
> 
> It's harder if you have a modem connection between you and you ISP, but
> even that's not foolproof, as many ISPs have modem pools in the CO that
> simply dump into the ether. Then it's routed along with everything else.
> 
> It's not unusual for packets from my place of employment to be routed
> from downtown Portland, to Seattle, through the Bay Area, and finally
> make it back through Portland to Aloha. With it going through the NOC in



That's interesting.  What's the NOC and why are they looking at packets?

I'm a little surprised that ftp (non-anonymous) is still being used.

> the Bay Area, there's A LOT of peering going on there, and one sniffer
> can capture a lot of data quickly. 
> 
> The point is that it's a possible point of exploitation. I can use a
> clothespin on my gate to hold it shut, but it doesn't take much to break
> that security. SCP and SFTP are useful, and available. 



So, in general, are you saying that I can probably use sftp to upload to 
a website instead of ftp? I guess the reason that most of the common 
tools are ftp based, gFtp etc, is that what most of us have on our 
personal websites isn't worth protecting(:-).