mixed system backups

[Damien Elmes]

"Alfred" <alfred at mazuma.net.au> writes:

> Unless you use one of the many possible hacks to redirect the data past a
> compromised machine :) (its pretty trivial to do and hard to counter).

> > If you have switches or secure hubs then only the two endpoints of a
> > connection see that traffic.

yeah, AFAIK even on a switch you can spoof ARP packets and do a man in the
middle attack. it's not a trivial process compared to a standard exploit, but
it's not impossible and there are tools out there that can help you with the
process.

as mentioned in other posts, logging in via root to a box on the network is bad
practise. doing it via rsh leaves you particulary open and it's one of the
reasons why ssh was invented. 

i use rsh to sync some files to an old P166 laptop that I use as an mp3 player
in the car. but that's about the only machine where rsh is still in use.

cheers,

-- 
Damien Elmes
resolve at repose.cx