“Last week, I gave you an introduction to network sniffers. If
you took the time to play with sniffit, for instance, you noticed
that your telnet sessions are plaintext, and the sniffer program
will display everything coming from and going to your network
interface. Sure, you can spy on your users, but are they spying on
you?”
“The problem is that while TCP/IP is truly wonderful and has
given us this bright, beautiful Internet of ours, it is inherently
insecure. You see, when the protocol was first created, we
were a little less worried about people looking over our electronic
shoulders and watching us work. After all, computers were big,
magical, scary things that only a handful of people really
understood. Not so any more.”
“Imagine you are the system administrator at BigCompanyInc and
you’ve just read my last six articles, tied down your Linux server,
did a pile of reading on your own, tied it down even further, and a
few days later you discover a break-in. What happened? One
possibility is Joe Cracker plugged into your 200-port network with
his Linux notebook (it’s easy to hide in a 200-station office),
started a sniffer, and waited while people logged in and left their
plaintext user names and passwords. The grand prize was the root
password, which you let slip by as you telnetted to your SAMBA
server. Suddenly, Joe Cracker has full access to your system all
over again.”