WARNING!
Ana Maria De Alvare'
anamaria at saffron.wpd.sgi.com
Thu Apr 11 03:46:54 AEST 1991
I agree with John Benfiel that common sense is the weapon against password
cracking, and that a cracker only needs one misuse, poorly chosen password
to get access to your system.
I want to make it clear that a person can has access to someone machine's
password file throught the internet without having any accounts directly
related to that person. For example, throught the ftp anonymous service,
I can copy a password file over. This scenario is considered access to
the remote machine in question. However, public anonymous access to a
remote machine, is not being thought as authorizing anonymous browsing,
and copying over files other than the ones explicitly publish with
the ftp anonymous procedures. In other words, ftp anonymous access is not
look as individual access rights. So beware system administrators to
curtail the amount of access you give away to ftp anonymous services.
-------------------------------------------------------------------------------
Ana Maria De Alvare' MTS Secure IRIX Silicon Graphics, Inc.
anamaria at sgi.COM {decwrl,sun}!sgi!whizzer!saffron!anamaria 415-335-7309
-------------------------------------------------------------------------------
More information about the Comp.unix.wizards
mailing list