This part:
"The crucial element in the password thefts that provided access at Cisco and elsewhere was the intruder's use of a corrupted version of a standard software program, SSH. The program is used in many computer research centers for a variety of tasks, ranging from administration of remote computers to data transfer over the Internet."
reminds me of the SourceForge attack a few years back
http://www.apache.de/info/20010519-hack.html
-Jim P.
On Mon, 2005-05-09 at 22:37 -0700, Steven M. Bellovin wrote:
SAN FRANCISCO, May 9 - The incident seemed alarming enough: a breach of a Cisco Systems network in which an intruder seized programming instructions for many of the computers that control the flow of the Internet.
Now federal officials and computer security investigators have acknowledged that the Cisco break-in last year was only part of a more extensive operation - involving a single intruder or a small band, apparently based in Europe - in which thousands of computer systems were similarly penetrated.
....
--Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb