Re: [aclug-L] Security Question: How safe is it?

[John Goerzen <jgoerzen@xxxxxxxxxxxx>]

Jeremy Johnstone <jsjohnst@xxxxxxxxxxx> writes:

> Then you come across the people who argue "Security by obscurity is no
> security at all" I agree with both sides. The chances of someone actually
> intercepting your password are slim to none. Then again, using Linux, it
> is real (and I mean real) easy to write a packet sniffer that will log
> every packet (i sure hope you have a fast and big i/o subsys if its a
> busy network) to your drive then at you leisure you can run a script that

There already exist sniffers for Linux that can automatically identify 
sessions on your segment (the ones that are sniffable) and sniff them, 
either simulating the session itself from the client's perspective or
separating sent from received data.  So if the remote is on any sort
of Ethernet that non-admin types have access to, better be using ssh.


-- 
John Goerzen   Linux, Unix consulting & programming   jgoerzen@xxxxxxxxxxxx |
Developer, Debian GNU/Linux (Free powerful OS upgrade)       www.debian.org |
----------------------------------------------------------------------------+
Visit the Air Capital Linux Users Group on the web at http://www.aclug.org
---
This is the Air Capitol Linux Users Group discussion list.  If you
want to unsubscribe, send the word "unsubscribe" to
aclug-L-request@xxxxxxxxxxxx.  If you want to post to the list, send your
message to aclug-L@xxxxxxxxxxxx.