(keitai-l) Re: bwute! [i-mode ssh]

From: Juergen Specht <js_at_nooper.com>
Date: 12/13/01
Message-ID: <862178752.20011213124619@nooper.com>
> I know about the security problem. However, my procmail script
> scans the complete header which cannot so easily be faked, actually
> quite difficult I believe but please correct me if I am mistaken.
> And there are a couple of additional features such as a password,
> so a faker must know my procmail script and my handy settings and
> on top of that be able to fake the complete header. If he can do
> all that without me finding out about his attempts (otherwise I
> would of course immediately shut down the tunnel), he probably can
> become root on our site anyway despite our firewall etc, so hacking
> into my account will not really be the weakest link in our line of
> defense.

It is. Because you told the world already about your 'tunnel'
and a simple sniffer tool in front of your SMTP server can
catch one of your mails (with full headers) and fake the rest.

That's what Carnivore does (monitors suspect's e-mail - either
headers or full content). There is even an open source version
of Carnivore out there:
http://www.zdnet.com/zdnn/stories/news/0,4586,2630674,00.html

Juergen
--
Juergen Specht CTO, Nooper.com - Mobile Services Inc. Tokyo, Japan
i-mode/FOMA consulting, development, testing: http://nooper.co.jp/
Received on Thu Dec 13 05:52:13 2001
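
The replay concern raised in this reply, as an added example that is not part of the original thread or either poster's setup: a check built from fixed headers and a fixed password accepts a captured copy of a mail, while a per-message HMAC over the command, a timestamp and a one-time nonce rejects it. The key, addresses, field names and the `ReplaySafeVerifier` class are all constructed for illustration.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-key"    # constructed shared key (handset and mail filter)
STATIC_PASSWORD = "opensesame"      # constructed fixed password
MAX_AGE = 300                       # seconds a signed request stays valid (assumed)

def static_check(msg):
    """Fixed sender header plus fixed password: every value is visible on the wire."""
    return msg["from"] == "me@handset.example" and msg["password"] == STATIC_PASSWORD

def make_token(command, ts, nonce):
    """HMAC-SHA256 over the command, a timestamp and a one-time nonce."""
    payload = f"{command}|{ts}|{nonce}".encode()
    return hmac.new(SECRET, payload, hashlib.sha256).hexdigest()

class ReplaySafeVerifier:
    def __init__(self):
        self.seen = set()           # nonces already accepted (prune by MAX_AGE in real use)

    def verify(self, msg, now):
        expected = make_token(msg["command"], msg["ts"], msg["nonce"])
        if not hmac.compare_digest(expected, msg["token"]):
            return False            # forged or altered request
        if abs(now - msg["ts"]) > MAX_AGE:
            return False            # stale copy
        if msg["nonce"] in self.seen:
            return False            # identical copy delivered twice
        self.seen.add(msg["nonce"])
        return True

def demo():
    t0 = 1008215179                 # constructed timestamp
    mail = {"from": "me@handset.example", "password": STATIC_PASSWORD,
            "command": "open-tunnel", "ts": t0, "nonce": "n-0001"}
    mail["token"] = make_token(mail["command"], mail["ts"], mail["nonce"])
    captured = dict(mail)           # byte-for-byte copy taken in transit
    v = ReplaySafeVerifier()
    return {
        "static_original": static_check(mail),
        "static_copy": static_check(captured),
        "signed_original": v.verify(mail, t0 + 5),
        "signed_copy": v.verify(captured, t0 + 60),
        "signed_altered": v.verify({**captured, "command": "other", "nonce": "n-0002"}, t0 + 60),
    }

if __name__ == "__main__":
    print(demo())
```

The HMAC only authenticates the request and blocks reuse; the command itself still travels in clear text unless the mail is also encrypted.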