[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[linux-security] Re: C't Article on Juggernaut
Meni, this is just to show how easy it is to break in to unix on large
networks, do NOT login or su to root over open telnet sessions again, ok?
(and change your passwords regularly :-)
also, for the rest of the readers here, again:
---------- Forwarded message ----------
Date: Tue, 23 Sep 1997 19:42:06 -0700 (PDT)
From: route@resentment.infonexus.com
To: linux-security@redhat.com
Subject: [linux-security] Re: C't Article on Juggernaut
[Bill Faust]
|
| There is a recent article in the German magazine C't that may be of
| interest to those on this list. It describes a cracker program,
s/cracker/hacker/
| Juggernaut, which can hijack telnet sessions. The program is written
Actually, it does alot more then just hijacking. Connection Spying,
connection reseting, automated connection reseting, packet sniffing,
packet assembly (albeit a crappy interface/ implementation. Use SNI's
CAPE).
| Since the program is widely circulated, everyone should at least be
| aware of the attack.
I certainly hope so. The Joncheray paper was published over 2 years
ago. For that matter, Juggernaut v1.0 was published in Phrack 50
(http://www.phrack.com) more then 5 months ago. As it happens, v1.x has
several areas of deficiency, prompting Juggernaut++ (which is still
WIP at this point). A bit more information can be gleaned from:
http://www.infonexus.com/~daemon9/project.html
--
I live a world of paradox... My willingness to destroy is your chance for
improvement, my hate is your fate -- my failure is your victory, a victory
that won't last.
--
----------------------------------------------------------------------
Please refere to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe: mail -s unsubscribe test-list-request@redhat.com < /dev/null