Your Daily Source for Apache News and Information  
Breaking News Preferences Contribute Triggers Link Us Search About
Apache Today [Your Apache News Source] To

Apache HTTPD Links
Apache Module Registry
Apache-Perl Integration Project
Apache XML Project
The Java Apache Project
PHP Server Side Scripting
Apache-Related Projects
The Apache FAQ
The Jakarta Project
The Apache Software Foundation
Apache Project
The Linux Channel at
Linux Start
Just Linux
BSD Central
Apache Today
Enterprise Linux Today
Linux Apps
Linux Central
BSD Today
Linux Today
Linux Programming
All Linux Devices
Linux Planet
SecurityPortal: A Matter of Trust: How Was Compromised
Jun 6, 2001, 19 :52 UTC (0 Talkback[s]) (2350 reads) (Other stories by Kurt Seifried)

Kurt Seifried discusses how was compromised, offering that part of a growing problem we face in computer security is trust: "The SSH protocol is used to secure these connections with strong encryption, which provides a tunnel between the two communicating machines. Furthermore, it is assumed that the end developer's machine is secure, and that there are no keystroke loggers running, or items like KeyGhost hooked up to the machine. Herein lies a problem. More and more people are using machines that are not always secure or should not be considered "trusted."

"The number of publicly available terminals in libraries, educational computer labs, cafe's and other places has exploded in the last few years. The vast majority of these machines are not very well secured, ranging from Linux machines in a private cubicle (where LILO was not locked down) to windows machines that will cheerfully boot from a floppy disk.

While breaking into these systems and logging passwords is probably not going to help you break into a specific site, if you throw out a large enough net you will catch something of interest eventually. This is especially true for more populous systems such as ISP shell servers and university servers (which are notorious for being poorly secured). Once you have a shell account on a system it becomes much easier to exploit any security flaws, local or remote."

Complete Story

Related Stories:
Apache Software Foundation Server compromised, resecured.(May 31, 2001)

  Current Newswire:
Everything Solaris: Apache: Handling Traffic

LinuxEasyInstaller 2.0 final release

Apache 2.0.32 beta is available

Everything Solaris: Apache: The Basics

Apache Jakarta James Mailserver v2.0a2 Released

PostgreSQL v7.2 Final Release

Daemon News: Multiple webservers behind one IP address

Zend Technologies launches Zend Studio 2.0

NuSphere first to enable development of PHP web services

Covalent Technologies raises $18 million in venture capital

No talkbacks posted.
Enter your comments below.
Your Name: Your Email Address:

Subject: CC: [will also send this talkback to an E-Mail address]

See our talkback-policy for or guidelines on talkback content.

About Triggers Media Kit Security Triggers Login

All times are recorded in UTC.
Linux is a trademark of Linus Torvalds.
Powered by Linux 2.4, Apache 1.3, and PHP 4
Copyright 2002 INT Media Group, Incorporated All Rights Reserved.
Legal Notices,  Licensing, Reprints, & Permissions,  Privacy Policy.