Re: [vox] secure diary thoughts
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [vox] secure diary thoughts
Hehe. So you're saying that you and the nitwit made the
same mistake? ;-)
-- Rod
http://www.sunsetsystems.com/
On Tuesday 25 June 2002 04:35 pm, Rick Moen wrote:
> ...
> Yeah, tell me. There was a company I worked at (which shall go
> nameless) whose entire internal WAN became compromised because some
> nitwit sysadmin SSH'd out to a public hosting service the firm operates
> and SSH'd back in. Unfortunately for that nitwit, the hosting service's
> SSH client was trojaned and reported his security tokens directly to the
> bad guy, who then just followed him in. Game, set, match.
>
> If I'd stuck fully to my principles, I'd never have used the firm's
> IS-maintained workstations to SSH home -- and instead, used only my
> personal laptop for that purpose, thus obeying your dictum about SSH
> being a fine way to traverse hostile networks if you trust both ends.
>
> So, I had to scramble home, lock everything down ASAP, and pray to
> Great Finagle. That time, I got lucky -- and I never repeated that
> particular mistake.
>
> Carrying the LNX-BBC disk around is very helpful, in that regard.
_______________________________________________
vox mailing list
vox@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox
|
