Re: network sniffing question

From: Carlos Moreno (moreno_at_mochima_dot_com_at_xx.xxx)
Date: 04/29/03 

Date: Tue, 29 Apr 2003 07:47:13 -0400

David wrote:

> Login as root and change the root password and wait for him to
> get worried that the system has been CRACKED.
> Then explain to him how easy it was to "own" the system due to
> the use of telnet.

I don't think that would be too effective -- not with stubborn
people, as his sysadmin seems to be :-(

And yes, as he also pointed out, he could get fired for doing
so!!

Maybe a less aggressive move could be just to determine the root
password, then go and show it to him, reminding him that "if I
was a bad guy, I could use this to sabotage the network, or to
steal information (such as sniffing e-mail of the managers and
VPs and etc.) and use it for my benefit without telling anyone.

Then again, you probably are part of the trusted personnel, so
you may already have the root password so there's no point in
the above exercise... Still, you could try to come up with a
setup that uses none of the privileges you may have and still
get the root password.

When is this sysadmin birthday? Any time soon?

A gift such as "Hacking Linux Exposed" would be in order ;-)

Maybe another effective strategy would be to tell him to try
to convince you why he would want to *avoid* SSH... I mean,
if from a Unix/Linux console you can barely tell the difference
between a telnet login and an SSH login, then why would he be
worried?? All else being equal, why opposing to the use of
SSH? And it incurs zero extra effort or cost, as it comes
with the default distributions (I think -- at least with RH
it does ship with the default distro). Oh, that you have to
constantly keep updating to avoid security vulnerabilities??
Yeah... *that* is going to be a problem for a sysadmin that
insists that telnet is secure and unhackable enough :-)

HTH,

Carlos 

--

Relevant Pages

  • Re: SSH, root privilege and su commands
    ... >to SSH instead of telnet. ... If you have SSH on your system, you'll need to start the ssh daemon. ... They do not need to know the root password, ...
    (comp.unix.aix)
  • RE: Commentary on the seven words
    ... When I was an operating systems programmer we all too often forgot that the Operating system existed to support the application, not the other way around. ... A Because the application that we run uses a telnet client that doesn't support ssh - and that's why I can't run ssh on this system. ... I administrate one system that has 128 clients on it and it's ...
    (RedHat)
  • Re: Commentary on the seven words
    ... A Because the application that we run uses a telnet client that doesn't ... support ssh - and that's why I can't run ssh on this system. ... General Red Hat Linux discussion list ... >operating system and utility advice and assistance and there are SEVEN ...
    (RedHat)
  • Re: Commentary on the seven words
    ... routinely asked to help with enabling rsh and telnet. ... Shoot, I use SSH & all that, but if I wanted to allow it for some ... > I wrote in with a complaint that Linux will allow a process (like Tar, ... I administrate one system that has 128 clients ...
    (RedHat)
  • Re: OSR507: xm_vtcld : could not open libXm.so
    ... laptop, I can run successfully "scoadmin software" if I'm through SSH, ... LINUXLAPTOP $ telnet 172.xxx.101.66 ... Similarly cron jobs have a different environment, and cgi-bin scripts ...
    (comp.unix.sco.misc)