home *** CD-ROM | disk | FTP | other *** search
- Path: sparky!uunet!ukma!darwin.sura.net!haven.umd.edu!umd5!oberon.umd.edu!matthews
- From: matthews@oberon.umd.edu (Mike Matthews)
- Newsgroups: comp.security.misc
- Subject: Re: Two hackers caught tapping into Boeing, federal computers
- Message-ID: <17126@umd5.umd.edu>
- Date: 22 Nov 92 16:31:15 GMT
- References: <1992Nov13.195515.19232@jato.jpl.nasa.gov> <1ejjt7INNhql@talon.UCS.ORST.EDU> <10013@blue.cis.pitt.edu.UUCP>
- Sender: news@umd5.umd.edu
- Organization: /etc/organization
- Lines: 35
-
- There seems to be some massively different trains of thought going on here.
- The statement from before:
-
- filed with the charges stated. ``He then transferred the password file
- to a Boeing Company computer, where he decrypted the passwords.''
- That process gave Anderson the ``root'' password, which allowed
-
- could mean he cracked the root password by the password being a dictionary
- word, or it could mean he cracked someone else's password, got into the
- system, and used an unmentioned hole in the system.
-
- What is unclear is whether or not the root password was determined directly
- by the cracking (which would mean the systems allowed root logins over the
- network, UNLESS...) *OR* the root password was begotten by breaking in to
- someone else's account, becoming root and giving 'root' a new one.
-
- To *me* it seems the root password was determined because it was guessed by
- the cracking software. To *me* it means they allowed root logins over the
- network.
-
- I didn't see any claims or mention anywhere about someone figuring out a way
- to decrypt DES encryption -- and I too don't believe it anyway.
- ------
- Mike Matthews, matthews@oberon.umd.edu (NeXTmail accepted)
- ------
- How doth the little crocodile
- Improve his shining tail,
- And pour the waters of the Nile
- On every golden scale!
-
- How cheerfully he seems to grin,
- How neatly spreads his claws,
- And welcomes little fishes in,
- With gently smiling jaws!
-
-
