Passing the conference 'sniff' test

    Date: 05 Aug 2005
    Posted By: Brittany Day
    At last year's USENIX Security Symposium, Marcus Ranum was minding his own business -- checking his e-mail, updating his Web site, etc. -- when another conference attendee sent him an e-mail. In the text: Ranum's password. Ranum, known for his work in intrusion detection, later angrily confronted the sender at the conference about invading his privacy. Bill Cheswick, a well-known security expert who sent the offensive message, later chalked up his actions as just "a friendly nudge."

    Cheswick then refrained from any more password-sniffing at the request of USENIX organizers. But on Thursday, a year after the incident, the chief scientist for Somerset, N.J.-based network security provider Lumeta Inc. defended the use of wired and wireless sniffers to catch passwords and other sensitive data transmitted through cleartext protocols.

    "I've tried to act as ethically as I know how with a variety of experiments on the Internet," he told this year's USENIX Security Symposium audience in Baltimore. He said such acts help him gain statistical information, such as how many people still use inherently insecure FTP or Telnet to transmit data. "And I think that's a valid thing to report," he said.

    Cheswick also admits his findings demonstrate an individual's or enterprise's need for stronger password policies. "One could argue I performed a valuable public service for them," he said. Others rationalize their eavesdropping as education -- by posting the passwords, they teach humiliated victims a lesson and ultimately help better protect networks.
