Security Portal: Ask Buffy - Securing Against Root Exploits & PGP and HushmailOct 19, 2000, 21:25 (0 Talkback[s])
(Other stories by Buffy Overflow)
"This week we discuss securing against root exploits; scrambling communications at an oil field; PGP and Hushmail; recovering lost NT passwords; spoofing remote server identification; and allowing MSN Messenger."
"I was recently shown by a hacker how easy it is to enter Linux as root by hacking the SU from a normal user account login. The hacker has installed a script written by himself, not more than 20 lines of bash shell commands. FTP it onto the /home/username location; telnet into the system using the "username" and password; run the SU hack script, and voila, he has gained root access! It is not a password-cracking program because it took less than 2 seconds to gain access!..."
"Is PGP part of the Hushmail technology, or a competitor?..."