[vox] password stolen at linuxworld
Rod Roark
vox@lists.lugod.org
Sun, 10 Aug 2003 08:11:15 -0700
On Sunday 10 August 2003 04:26 am, Ryan Castellucci wrote:
> ...
> I suspect that my password was either sholder surfed (unlikely, it'd be
> hard to memorize....) or someone was runnning man-in-the-middle attacks,
> and forced an SSHv1 session to prevent a warning, simply prompting for a
> new key.
It's likely the problem is much more widespread than just
your passwords. Did you use the machines installed at LWE
for Net access? It's not hard to imagine that someone was
logging keystrokes.
It may be wise to contact the LWE coordinators, and the
attacker's IP block owner (claremont.edu).
-- Rod