[CentOS] Server Hacked: Cpanel
Rodrigo Barbosa
rodrigob at darkover.org
Wed Aug 9 21:12:51 UTC 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, Aug 09, 2006 at 04:40:09PM -0400, William L. Maltby wrote:
> > Having to stop the passwords on plaintext (on the ISP side) always makes
> > me raise an eyebrow toward any place that offers CHAP as authentication.
> > Then again, I always use different passwords everywhere, so that is not
> > usually a big issue.
>
> Same here, even in my own net (I have grandchildren: they can be
> "snoopy"). The darn trouble is trying to remember them all, including
> those for different 'net sites; all have a different password.
>
> The plain text password didn't bother me so much as my connection was a
> dial-up Point-to-Point connection. One would need some special acces to
> intercept.
CHAP autentication send the "password" encrypted over the wire.
The problem is how it is stored on the ISP server.
[]s
- --
Rodrigo Barbosa
"Quid quid Latine dictum sit, altum viditur"
"Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFE2k/TpdyWzQ5b5ckRAq9FAKCnzW8L67clVUcIrWxTrvTh8D4GgwCdHxaK
WmjnMxfweitzspfYdtft7OQ=
=6/wv
-----END PGP SIGNATURE-----
More information about the CentOS
mailing list