Mailinglist Archive: opensuse-security (175 mails)
| < Previous | Next > |
Re: [suse-security] telnet and su attack on my linux
- From: earendil7@xxxxxxxx
- Date: Fri, 17 Sep 1999 10:45:19 -0700
- Message-id: <19990917.110001.-4011521.2.earendil7@xxxxxxxx>
On Fri, 17 Sep 1999 13:44:39 -0500 "scott" <sdanahy@xxxxxxxx> writes:
>Ah, cable modems. A lot of cable modem users use WinGate to split their
>bandwidth without buying additional IP addresses. The problem with that
is
>WinGate has a telnet proxy with no authentication installed by default
>(I'm sure most of you have heard of this) and allows an attacker to
"bounce"
>around. Also, I think *nix boxes are a lot more common on cable modems
>than they are on dial up, so the attacker could have broken into an
>innocent users machine and attacked from there.
>
>The point of all this is, just cause you see and IP address in your logs
>does not mean that is the attackers true point of origin.
>
>scott
Yes, but since IP spoofing is somewhat beyond the level of your average
script kiddie cracker, there's always a trail left behind,
electronically. As long as you alert ISPs, and they take action in
tracking down these crackers. Let the darwinian selection begin.
dan
___________________________________________________________________
Get the Internet just the way you want it.
Free software, free e-mail, and free Internet access for a month!
Try Juno Web: http://dl.www.juno.com/dynoget/tagj.
>Ah, cable modems. A lot of cable modem users use WinGate to split their
>bandwidth without buying additional IP addresses. The problem with that
is
>WinGate has a telnet proxy with no authentication installed by default
>(I'm sure most of you have heard of this) and allows an attacker to
"bounce"
>around. Also, I think *nix boxes are a lot more common on cable modems
>than they are on dial up, so the attacker could have broken into an
>innocent users machine and attacked from there.
>
>The point of all this is, just cause you see and IP address in your logs
>does not mean that is the attackers true point of origin.
>
>scott
Yes, but since IP spoofing is somewhat beyond the level of your average
script kiddie cracker, there's always a trail left behind,
electronically. As long as you alert ISPs, and they take action in
tracking down these crackers. Let the darwinian selection begin.
dan
___________________________________________________________________
Get the Internet just the way you want it.
Free software, free e-mail, and free Internet access for a month!
Try Juno Web: http://dl.www.juno.com/dynoget/tagj.
| < Previous | Next > |