Re: [Plug] Microsoft Striks Again

Jason S. on Tue, 31 Aug 1999 17:16:29 -0400 (EDT)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [Plug] Microsoft Striks Again

From: "Jason S." <jason@sn.com>

To: plug@lists.nothinbut.net

Subject: Re: [Plug] Microsoft Striks Again

Date: Tue, 31 Aug 1999 17:16:55 -0400 (EDT)

Reply-to: plug@lists.nothinbut.net

Sender: plug-admin@lists.nothinbut.net

On Tue, 31 Aug 1999, Nick R wrote: > Well the telnet login's secure. > If you're kidding, then stop reading. If you're serious... I think you're confusing the security of how the password is stored with the security of how its transported. Unix passwords are a crypt()'d text field. They're reasonably secure, in that a brute force attack can take time. Thats not the issue. The problem with telnet isnt how login works, its how you're logging in. You can have the longest, hardest to guess password in the world, but if you use telnet you're basicly allowing people to watch you type it in. If someone can watch the keystrokes, they dont need to guess. They can just read it. It'd be like you calling them up and telling them. The fact that the system may or may not use shadow passwords is irrelevent at that point. Or I just _totally_ misunderstood you. In which case... oops. _______________________________________________ Plug maillist - Plug@lists.nothinbut.net http://lists.nothinbut.net/mail/listinfo/plug

References:

Re: [Plug] Microsoft Striks Again
From: "Nick R" <laktar@hotmail.com>

Prev by Date: [Plug] Re: telnet login

Next by Date: Re: [Plug] Microsoft Striks Again

Previous by thread: Re: [Plug] Microsoft Striks Again

Next by thread: [Plug] getting help

Index(es):

Date

Thread