Getting Hacked Through Your Terminal

← Back to Stories (view on slashdot.org)

Getting Hacked Through Your Terminal

Posted by timothy on Saturday March 1, 2003 @10:22AM from the nothing-new-under-the-sun dept.

hdm writes "My company recently published a paper on security issues with common terminal emulator applications. The interesting thing about these vulnerabiltiies is that many of them only require the victim to be running tail on their log files (apache, syslog, etc) for the attack to be successful. The paper (TXT) can be found here."

4 of 204 comments (clear)

Min score:

Reason:

Sort:

Re:Most exploits by Anonymous Coward · 2003-03-01 10:29 · Score: 2, Insightful

But exploits that require physical access to the machine don't really mean much to anyone truly interested in security.
~~~
Re:Most exploits by kasperd · 2003-03-01 12:01 · Score: 3, Insightful

For instance, you can recover a root password in just 10-15 minutes on ANY machine.

You shouldn't make such claims without any evidence.

--

Do you care about the security of your wireless mouse?
Re:Poking fun at Enlightenment? by KainX · 2003-03-01 14:07 · Score: 2, Insightful

They're obvious exaggerations for the intent of being humorous. No one should take them seriously or interpret them as anything other than playful jabs.

--
Michael Jennings | HPC Systems Engineer, Lawrence Berkeley National Lab | Author, Eterm (eterm.org)
Re:Most exploits by joto · 2003-03-02 06:11 · Score: 2, Insightful

Well, uhmm...
This is a nice touch, but remember that it's only security by obscurity. If you have physical access to the machine, you can just as well boot from a floppy, or remove the harddisk and put it into some other computer booting from another disk.
Not that it isn't useful, though. Most sysadmins do give their users physical access to their desktop (or laptop) computers. But then the users are, at least to some degree, trusted...