On Fri, Mar 18, 2005 at 07:39:43AM -0500, Bart Silverstrim wrote: > If someone puts a keystroke logger on your windows machine, they will > get the password. > > If they put a hardware logger on your computer, they will get the data. > > If they are watching over your shoulder just as you misstype your > password as your username, you're probably in trouble. > > If someone is viewing your Windows desktop using remote monitoring > software (like a modified VNC), they'll see your session. > > If putty is trojaned, you're in trouble.
You can also enable OPIE passwords. Using opie(4) in combination with ssh should solve some (though not all) of your problems w.r.t. sniffing and key logging. Of course, if you logged into a machine using opie, and *then* typed some other (non one-time) passwords from withing that session, you'd be still at the mercy of a local key logger or trojaned ssh client. So you've got know what you're doing and use common sense :) Cheers, -cpghost. -- Cordula's Web. http://www.cordula.ws/ _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
