[CentOS] Server Hacked: Cpanel

Wed Aug 9 20:40:09 UTC 2006
William L. Maltby <BillsCentOS at triad.rr.com>

On Wed, 2006-08-09 at 17:00 -0300, Rodrigo Barbosa wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Wed, Aug 09, 2006 at 03:19:23PM -0400, William L. Maltby wrote:
> > > the 3rd being:
> > > 
> > > - - Challenge/Response
> > 
> > HA! I remember this from before I got cable access. While futilely
> > hoping the telco would get DSL out here in the sticks, I did dial to my
> > ISP. Auth was either PAP or CHAP. IIRC, ISP preferred CHAP and that's
> > what we did (PtoP).
> 
> Having to stop the passwords on plaintext (on the ISP side) always makes
> me raise an eyebrow toward any place that offers CHAP as authentication.
> Then again, I always use different passwords everywhere, so that is not
> usually a big issue.

Same here, even in my own net (I have grandchildren: they can be
"snoopy"). The darn trouble is trying to remember them all, including
those for different 'net sites; all have a different password.

The plain text password didn't bother me so much as my connection was a
dial-up Point-to-Point connection. One would need some special acces to
intercept.

> - -- 
> Rodrigo Barbosa
> <snip sig stuff>

-- 
Bill
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.centos.org/pipermail/centos/attachments/20060809/cac064f8/attachment-0005.sig>