On Wednesday 22 February 2006 10:26, Gavin McDonald wrote: > agreed, > > For proof, just run a sniffer on the network segment as you login as root, > you will see, in plaintext, your root password. (and any smtp passwords > from mail clients, but that's a different problem... ;) > > Regards, > > Gavin McDonald > ======================== > EVI Logistic Enterprises > email: me@xxxxxxxxxxxx > phone: (604) 313-3845 > > And since there are easy to use tools to fool switches into letting you impersonate any host connected to that switch, a switch won't protect you from this kind of thing (or provide any security really). mumble-mumble, poof. Now my workstation is the router for this network and I see all your plaintext passwords. Cackle. With a good IDS/switch management sw and someone watching logs, you might catch the bad person doing this. -Allen -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
