RE: [K12OSN] Email retrievel methods

Ritchie, Josiah (JRitchie@bible.edu)
Thu, 8 Aug 2002 08:15:17 -0400


The article below explains why this is a problem.  If someone went in right
before the lab was closed and slipped a device onto a cable like mentioned
in the article, no one would know about it until the next day and he may
have already gained root access and done any number of things to the server.
Or, he/she could put it on the cable and pretend to be using the computer
while a neighbor logs in and he sniffs with the device to catch the
password.  These could be hidden behind a machine and made to make
everything look normal.  When it has stayed the night

http://online.securityfocus.com/news/558

Physical security is a highly neglected area of computer security.  The MAC
address filtration idea sounds like a good one for these devices, and I
can't imagine it would increase admin time that much.

_Josiah

-----Original Message-----
From: Jay Kline [mailto:list@slushpupie.com]
Sent: Wednesday, August 07, 2002 9:22 AM
To: k12osn@redhat.com
Subject: Re: [K12OSN] Email retrievel methods


On Wednesday 07 August 2002 8:05 am, Julius Szelagiewicz wrote:
> Folks,
> 	it seems that in the thread on clear text passwords we are missing
> the one glaring vulnerability - the actual ltsp. the terminals communicate
> with the server by using X to pass data from the keyboard. as far as i
> know, this data are not encrypted, hence ALL the passwords and passphrases
> travel in clear text from the terminal to the server. there was a thread
> several months ago on ltsp list addressing this concern, but it seems that
> nothing has been done yet. for the time being don't use hubs and protect
> the wires! julius


A valid concern, but if things are set up correctly, there isn't too much to
worry about.  Even with a hub, if each of the terminals does not have access
to the tools needed to sniff passwords, and the terminals are all on a
private network (firewalling rules, etc. on the server) then the only problem
you have is rogue computers on the network. In my lab, all the computers are
visible, so it's not an issue.  If they are not, follow the other
recommendations on this thread and use a switch. If you can afford a nice
managed switch, they can sometimes even filter by MAC address.

Jay



_______________________________________________
K12OSN mailing list
K12OSN@redhat.com
https://listman.redhat.com/mailman/listinfo/k12osn
For more info see <http://www.k12os.org>
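
Added example, not part of the original messages: one way to spot the "rogue computers" mentioned in the thread from the server side, by comparing the kernel ARP table on the terminal-facing interface against a list of known terminals. The interface name eth1, the addresses and the allowlist are constructed for illustration; the sample text follows the layout of Linux /proc/net/arp.

```python
"""Flag unknown hardware addresses seen on the terminal-side interface."""

# Constructed allowlist: MAC -> expected terminal IP (hypothetical values).
KNOWN_TERMINALS = {
    "00:50:56:00:00:01": "192.168.0.11",
    "00:50:56:00:00:02": "192.168.0.12",
}

# Constructed sample in the layout of Linux /proc/net/arp.
SAMPLE_ARP = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.0.11     0x1         0x2         00:50:56:00:00:01     *        eth1
192.168.0.12     0x1         0x2         00:50:56:00:00:02     *        eth1
192.168.0.40     0x1         0x2         00:0C:29:AA:BB:CC     *        eth1
192.168.0.13     0x1         0x2         00:50:56:00:00:02     *        eth1
192.168.0.14     0x1         0x0         00:00:00:00:00:00     *        eth1
10.0.0.1         0x1         0x2         00:0c:29:11:22:33     *        eth0
"""


def parse_arp(text, device):
    """Return (ip, mac) pairs for resolved entries on one interface."""
    entries = []
    for line in text.splitlines()[1:]:           # skip the header row
        fields = line.split()
        if len(fields) != 6:
            continue
        ip, _hw, flags, mac, _mask, dev = fields
        resolved = (int(flags, 16) & 0x2) != 0   # 0x2 = ATF_COM, entry complete
        if dev != device or not resolved:
            continue
        entries.append((ip, mac.lower()))
    return entries


def audit(entries, known):
    """Report unknown MACs and known MACs answering on an unexpected IP."""
    findings = []
    for ip, mac in entries:
        if mac not in known:
            findings.append(("unknown-mac", ip, mac))
        elif known[mac] != ip:
            findings.append(("ip-mismatch", ip, mac))
    return findings


if __name__ == "__main__":
    for kind, ip, mac in audit(parse_arp(SAMPLE_ARP, "eth1"), KNOWN_TERMINALS):
        print(f"{kind}: {ip} {mac}")
```

A device that only listens on the cable sends no frames and never shows up in this table, and a MAC address can be cloned, so a check like this complements inspecting the wiring rather than replacing it.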
