Full Disclosure mailing list archives
Re: Modifying SSH to Capture Login Credentials from Attackers
From: jfch () jagda eu
Date: Wed, 30 Sep 2009 08:32:53 +0200 (CEST)
All standard users have read access to /var/log/auth, so if rootthey shouldn't, at least on my default debian they don't ... b
Even the (local) root shouldn't know the passwords of the users. They often uses it on other systems.... JFCh
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Modifying SSH to Capture Login Credentials from Attackers my.hndl (Sep 29)
- Re: Modifying SSH to Capture Login Credentials from Attackers Kurth Bemis (Sep 29)
- Re: Modifying SSH to Capture Login Credentials from Attackers Kos (Sep 29)
- Re: Modifying SSH to Capture Login Credentials from Attackers my.hndl (Sep 29)
- Re: Modifying SSH to Capture Login Credentials from Attackers Kurth Bemis (Sep 29)
- Re: Modifying SSH to Capture Login Credentials from Attackers bodik () civ zcu cz (Sep 29)
- Re: Modifying SSH to Capture Login Credentials from Attackers maxigas (Sep 29)
- Re: Modifying SSH to Capture Login Credentials from Attackers Gichuki John Chuksjonia (Sep 29)
- Re: Modifying SSH to Capture Login Credentials from Attackers jfch (Sep 29)
- Re: Modifying SSH to Capture Login Credentials from Attackers dramacrat (Sep 29)
- Re: Modifying SSH to Capture Login Credentials from Attackers Kurth Bemis (Sep 29)