Re: [cobalt-users] Raq3 admin & root passwords

["Michael Zimmermann" <zim@xxxxxxxx>]

Thanks for your sharing, Jens. 

Probably you are right with these missing security updates
being easier to exploit than the plaintext telnet or gui.

But don't you think, if one of the hundreds of machines on your
ISP's subnet is compromised, it would be possible to
get all the others on the subnet by running a snooper
on the one which got hacked?

Or do you think the normal ISP is checking for promiscuous 
cards on their subnets? I don't know. Just asking.

> You do know, that the Cobalt interface requires those two to be the
> same? (as long as you only want to use their interface for setting
> passwords)

WHAT? Changing the admin password from the gui also changes root password?
I've to check that...

... Yes you are right.

So this means, the admin password is enough to get the whole machine
(although not unnoticed). BoooHooo :o(

My god, I must have got a cool ISP - he delivered my machine
configured with different passwords. Cool guy. If anyone ever
wants a server located in Germany, he's http://domke.de

> So you say that someone _hi-jacked_ a connection?
> Very, very unlikely when we are talking Linux machines (that has very
> unpredictable seq-numbers)

No, just break into a server (the weakest - need not be a unix), 
and snoop the ISP's subnet from there.
Or do the ISPs usually connect each box to a different
channel of the router? I doubt, because that would mean
investment on the router without a sellable return.


Michael