[vox] password stolen at linuxworld

Ryan Castellucci vox@lists.lugod.org
Sun, 10 Aug 2003 17:54:10 -0700


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sunday 10 August 2003 08:11 am, Rod Roark wrote:
> On Sunday 10 August 2003 04:26 am, Ryan Castellucci wrote:
> > ...
> > I suspect that my password was either sholder surfed (unlikely, it'd =
be
> > hard to memorize....) or someone was runnning man-in-the-middle attac=
ks,
> > and forced an SSHv1 session to prevent a warning, simply prompting fo=
r a
> > new key.
>
> It's likely the problem is much more widespread than just
> your passwords.  Did you use the machines installed at LWE
> for Net access?  It's not hard to imagine that someone was
> logging keystrokes.

No, I only used my laptop.

> It may be wise to contact the LWE coordinators, and the
> attacker's IP block owner (claremont.edu).

Done and done.

- --=20
PGP/GPG Fingerprint: 3B30 C6BE B1C6 9526 7A90  34E7 11DF 44F3 7217 7BC7
On pgp.mit.edu, import with `gpg --keyserver pgp.mit.edu --recv-key 72177=
BC7`
Also available at http://www.cal.net/~ryan/ryan_at_mother_dot_com.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/NukyEd9E83IXe8cRAq3bAKCr5sGwL1iPC1dkxBys6l8I/lAnxQCdHwq4
D0Ckwc2ye0+gUH6yWiEdkYQ=3D
=3DEQUu
-----END PGP SIGNATURE-----