26 Jul
2004
26 Jul
'04
5:52 p.m.
On Mon, 26 Jul 2004, Randy Bush wrote:
whats the difference between telnet from a directly connected host and a serial line?
if the 'directly connected host' is on multi-point medium, then it is subject to sniff attacks
I realised that but you can 'sniff' a serial line if you physically tap it, you're saying you can setup a span port much easier as its software tho right? but that requires you to have compromised the switch and an attached server, that in itself should be throwing up some alarms - rancid, tripwire etc? it would be easier to hack the host directly and install a keylogger, only one hack to do that way and you can grab any passwds from telnet or ssh sessions Steve