Wed Jul 14 16:11:40 PDT 1999 (Bastille Day, 1999) Another sniffer was discovered running on nature on Wed Jul 14th. It had been running since 00:39 that morning. The folks who were using secure shell were not affected. ANYONE using telnet during this time has had their password stolen. We've disabled those accounts we know for sure have been compromised, but it would be a good idea for all users to change their passwords. ADDITIONALLY Since this is a recurring problem, we must take preventive measures to ensure that this stops. Therefore, please note the following... telnet: Starting November 1, 1999, nature will disable access via telnet. Its just too risky. Especially when we have viable alternatives. (SEE BELOW) All connections must be over a secure tunnel when nature "switches off" telnet access. ftp: Secure your ftp authentications by configuring your ftp client to go through a secure tunnel. See the article in April/May 1998 issue of Berkeley Computing and Communications for the details on securing your connections though secure shell tunneling.

SSH is a better, AND SECURE remote shell Use the links below to obtain an SSH-capable client program for either the Macintosh platform or the Windows platforms. Administrative units within the College of Natural Resources should contact the C.N.R. computing facility for specific advice. Brian 3-7861 Gary 2-5583

[ Links ]

NiftySSH : This link will lead you to a FREE Macintosh SSH client program.

Tera Term Pro : This link will lead you to a FREE Windows 95/98/NT SSH client. TT SSH Extension : You need the ttssh extension of Tera Term to make TT be SSH-enabled.

F-Secure-SSH : This link will lead you to a GOOD, COMMERCIAL Windows 95/98/NT and Mac SSH client.

Page © 1999 by Consult <consult@nature.berkeley.edu>