
BLU Discuss list archive



I think I was sniffed?



My ISP (HarvardNet) just had me change my dial-up password.  It seems
they had been getting SPAM complaints which implicated me.  The SPAM
wasn't appearing as coming from my account, but it was suspected that
the perpetrators were logging in using my dial-up username and password.

Now I'm paranoid.

How did they get my password?  I use the same password for my user
account on my Linux laptop.  That's the only other place I use it.  So
as far as I can tell, it must have been intercepted in one of three
places: (1) when establishing my dial-up connection, (2) when retrieving
my POP email (which I often do from my office LAN, in addition to when
I'm dialed in), and (3) when I'm logging in to my laptop.  Am I
forgetting anything?

I'm guessing someone got me on number (2).  Which means I'll probably
stop getting my email except when I have a dial-in connection.

Any other suggestions about what I should do at this point to make sure
I haven't been further compromised?  Let's just say, for the sake of
argument, that I haven't compiled lists of the suid and guid programs on
my laptop in a known secured state.
 
________________________
Ron Peterson
rpeterson at yellowbank.com



