Hi. "Peter L. Peres" wrote: > BTW it is easier to sniff an existing PPP connection than to break into > the system that uses it (either side) so think. Why do you think that > people are recommended not to run telnet into anywhere ? > Excuse me? How can you sniff a PPP password? The negotiation is done before the connection is made (so it's not a TCP/IP based communication, it's direct modem to modem communication). Only a few "institutes" in Israel can "sniff" phone line communication, and it's not that easy.. (surely not as easy as sniffing TCP/IP communication). Now, I know that if I telnet from some other computer to my own computer over the Internet (why should I do that??) my password can be sniffed. That's usually not the case (because I'm connecting from my computer to another one on the Internet. I couldn't care less if the *other* computer I'm logging into is compromised :-) The question was, assuming a computer is a target (being connected to the Internet) how can you prevent stealing the PPP password even if someone has got access to my computer? (It's not the same as having my root password! Maybe I don't care if people go probing around my home computer, but I do care if they use my Internet account). Of course all of this is purely hypothetical for me, I try to keep my home computer secure so I won't have these problems ;-) -- ------------------------- Aviram Jenik "Addicted to Chaos" ------------------------- Today's quote: Never give up. And Never, under any circumstances, face the facts. -Ruth Gordon
S/MIME Cryptographic Signature