moyman@DEGREE.ECN.PURDUE.EDU (J Michael "Mac" Moya) (12/16/88)
In recent weeks I have been recieving the concerns of faculty/staff of just how secure thier password is when using NCSA telnet and/or an Aufs(CAP) server. It is general knowledge that their password is being transmitted through the localtalk then kinetics box then UNIX machine. My question is...just how secure is it?? How easy would it be for for a third party to "watch the password" go by. I realize that everybody has a different idea of what "secure" is...any opinions/information would be greatly appreciated. Thanks... Mike Moya moyman@degree.ecn.purdue.edu Purdue University pur-ee!moyman Engineering Computer Network (317) 494-2349
krauskpf@uxe.cso.uiuc.edu (12/18/88)
All Ethernets and all AppleTalk cabling systems require: 1. a Mac, PC or Sun 2. proper software, not hard to get or write to trap passwords. Kerberos anyone? Tim Krauskopf NCSA
bwk@mbunix.mitre.org (Barry W. Kort) (12/20/88)
In article <66000029@uxe.cso.uiuc.edu> krauskpf@uxe.cso.uiuc.edu (Tim Krauskopf) responds to a concern about spying on password exchanges over the ethernet. Tim asks: > Kerberos anyone? Tim, is this a reference to Cerberus, the three-headed watchdog of classical mythology? In any event, it seems to me that no security system is foolproof. There always has to be a way to get under the hood. I suspect the next generation of computer viruses will attack the immune system. One such species will cause the immune system to freeze and lock everyone out. Another will disable the immune system and let everyone in. My guess is that the first of these will appear within a year; the second will emerge shortly after science publishes a theory of operation on the human immunideficiency virus. --Barry Kort