[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [linux-security] Re: C't Article on Juggernaut



On Wed, 24 Sep 1997, Ira Abramov wrote:

> 
> Meni, this is just to show how easy it is to break in to unix on large
> networks, do NOT login or su to root over open telnet sessions again, ok?
> (and change your passwords regularly :-)

use ssh and you're sniff safe.

> 
> also, for the rest of the readers here, again:
> 
> ---------- Forwarded message ----------
> Date: Tue, 23 Sep 1997 19:42:06 -0700 (PDT)
> From: route@resentment.infonexus.com
> To: linux-security@redhat.com
> Subject: [linux-security] Re: C't Article on Juggernaut
> 
> [Bill Faust]
> 
> | 
> | There is a recent article in the German magazine C't that may be of
> | interest to those on this list.  It describes a cracker program,
> 
>   s/cracker/hacker/
> 
> | Juggernaut, which can hijack telnet sessions.  The program is written
> 
>   Actually, it does alot more then just hijacking.  Connection Spying,
>   connection reseting, automated connection reseting, packet sniffing,
>   packet assembly (albeit a crappy interface/ implementation.  Use SNI's
>   CAPE).
> 
> 
> | Since the program is widely circulated, everyone should at least be
> | aware of the attack.
> 
>   I certainly hope so.  The Joncheray paper was published over 2 years
>   ago.  For that matter, Juggernaut v1.0 was published in Phrack 50
>   (http://www.phrack.com) more then 5 months ago.  As it happens, v1.x has
>   several areas of deficiency, prompting Juggernaut++ (which is still
>   WIP at this point).  A bit more information can be gleaned from:
>   http://www.infonexus.com/~daemon9/project.html
> 
> -- 
> I live a world of paradox... My willingness to destroy is your chance for
> improvement, my hate is your fate -- my failure is your victory, a victory 
> that won't last.
> 
> --
> ----------------------------------------------------------------------
> Please refere to the information about this list as well as general
> information about Linux security at http://www.aoy.com/Linux/Security.
> ----------------------------------------------------------------------
> 
> To unsubscribe: mail -s unsubscribe test-list-request@redhat.com < /dev/null
> 
> 


+--------------------------------------------------------------------+
| Asher Frenkel 			   Unix System Administrator |
| Fax   : +972-3-6978115                        Phone: +972-3-6978263| 
| E-Mail:asher@ibm.net.il                              +972-3-6978687| 
+--------------------------------------------------------------------+
IBM Israel
2, Weizmann St.
Tel Aviv 61336                         ======   =======    ===     ===
http://www.ibm.net.il/                 ======   ========   ====   ====
Dialup registration:   177-022-3993      ==      ==   ==    ==== ====
Company services:        03-6978663      ==      ======     == === ==
Internet sales fax:      03-6978115      ==      ==  ===    ==  =  ==
Enquiries:          info@ibm.net.il    ======   ========   ===     ===
Technical support:   noc@ibm.net.il    ======   =======    ===     ===
----------------------------------------------------------------------