Yes look for a CERT advisory regarding an increase
in the use of psychics to "crack" passwords. Until
patches are available from the various vendors
(Sun has announced that they will have a jumbo
patch available for Solaris 2.x ready withing 3
weeks.)
Currently, the CERT team advises that users
should think about their passwords as little
as possible.
------------------------------------------------------------------------------
Where do people get this stuff? Is this a troll?
Ryan
---------- Previous Message ----------
To: kaberna, firewalls
cc:
From: kabernard @ techsoft.com (KABERNARD) kabernard @
techsoft .
com (KABERNARD)
@ smtp
Date: 05/30/96 08:40:15 AM
Subject: Extra Social Engineering
by
miles.greatcircle.com (8.7.4/Miles-951221-1) with SMTP id FAA29281 for
<firewalls @
greatcircle .
com>; Thu, 30 May 1996 05:41:04 -0700 (PDT)
Received: from cc:Mail (PU Serial #1520)
From: kabernard @
techsoft .
com (KABERNARD)
To: firewalls @
greatcircle .
com
Message-ID: <1996May30 .
073934 .
1520 .
3754 @
abyss .
techsoft .
com>
X-Conversion-ID: <cc:Mail/#31291/TECHSOFT>
X-Mailer: cc:Mail via PostalUnion/SMTP for Windows NT
Mime-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Date: Thu, 30 May 1996 07:41:01 -0500
Subject: Extra Social Engineering
Sender: firewalls-owner @
GreatCircle .
COM
Precedence: bulk
Has anyone experienced an attack where you were unable to determine
how the system was cracked? Recently an overzealous employee
who was "Just trying to help" attained root access on several of my
UNIX boxes. She stated that she got the passwords from her "Psychic
Friend". Is that possible? I've seen the commercials but never
imagined there was anything to it.....does anyone out there think that
there are alot of attacks as a the result of this type of "Extra
Social Engineering".....couldn't this be disasterous for the entire
industry? I bet I haven't heard about this before because the "Big
Companies" know that if word of this got out, there would be a mass
exodus from the INTERNET....
tks.....kurt
|
|
