On Mon, 2007-10-01 at 14:28 -0600, Karl Larsen wrote:
> Charles Curley wrote:
> > On Mon, Oct 01, 2007 at 02:45:30PM -0500, Aaron Konstam wrote:
> >
> >> This may be an off the wall question but here goes. When you bring up
> >> the cups web interface and choose to administer your printers, you are
> >> asked to login with a username and passwd. Usually it is the name root
> >> and root's passwd that works.
> >>
> >> Let us say someone has a network sniffer on another machine on your
> >> LAN. Since the root passwd you type is going to localhost network it
> >> should be handled by the loopback interface.
> >>
> >> Is it? And if that is so can a sniffer on the LAN see the passwd
> >> entered?
> >>
> >
> > What is the URL that gets you to the CUPS IF? Mine is
> > http://localhost:631/, so in my case, yes, it is localhost. If your
> > name resolution is set up correctly, that should point to the local
> > loopback device:
> >
> > [root@dragon ~]# host localhost
> > localhost has address 127.0.0.1
> > localhost has IPv6 address ::1
> > [root@dragon ~]# ifconfig lo
> > lo        Link encap:Local Loopback
> >           inet addr:127.0.0.1  Mask:255.0.0.0
> >           UP LOOPBACK RUNNING  MTU:16436  Metric:1
> >           RX packets:19437 errors:0 dropped:0 overruns:0 frame:0
> >           TX packets:19437 errors:0 dropped:0 overruns:0 carrier:0
> >           collisions:0 txqueuelen:0
> >           RX bytes:4729638 (4.5 MiB)  TX bytes:4729638 (4.5 MiB)
> >
> > So, yes, it should go to the local loopback device (LLD).
> >
> > The whole point of the LLD is that it never goes to the network. With
> > a properly written LLD, a packet should go to the IP level of the
> > TCP/IP stack. The LLD's IP code simply swaps the source and
> > destination addresses and ports, and hands the packet back to the
> > appropriate higher level protocol (ICMP, TCP, UDP, etc.). (I haven't
> > looked at the source for Linux's LLD, but that's basically what the
> > one I wrote did.)
> >
> > So if the LLD is properly written, a sniffer on another machine should
> > never see any packets to or from a LLD.
> >
> > As you probably know, the X protocol uses TCP/IP to communicate
> > between clients (programs) and servers (displays, keyboards,
> > etc.). Think of the security implications when X traffic doesn't
> > travel over the loopback device. A cracker who can scarf your X
> > packets could watch you compose mash notes to your secretary on
> > company time in real time. Not very secure! This is one of several
> > reasons the normal "xhost" authentication is deprecated in favor of
> > SSH. So, yeah, the TCP/IP security folks have already thought of this
> > question.
> >
> >
> A few weeks ago I got caught sleeping. I figured the hardware
> firewall will keep all hackers away but I was very wrong. A guy bent on
> doing something minor established an ssh connection to my computer and
> then guessed my user name and password. It was very simple. I have since
> changed the password. He just went to my browser and there connected to
> web pages that take hours to come up. I think the guy, and know the web
> pages, are in Germany.
>
> If he wants to try again it will not work.
>
You need a better passwd. I have tried the latest cracking programs on
mine for 3 days and it was never cracked.

--
=======================================================================
SEMPER UBI SUB UBI!!!!
=======================================================================
Aaron Konstam telephone: (210) 656-0355 e-mail: akonstam@xxxxxxxxxxxxx
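
As an added example (not part of the original thread): a Python check of the two conditions the quoted reply relies on, that `localhost` resolves only to loopback addresses and that the CUPS port (631) listens only on loopback, with the ssh port (22) shown for contrast. The `/proc/net/tcp` sample is constructed, covers IPv4 only and assumes a little-endian Linux host; the function names are illustrative.

```python
import ipaddress
import socket

# Constructed sample in Linux /proc/net/tcp layout, trimmed to the columns used.
# Addresses are hex in host byte order (little-endian assumed); st 0A = LISTEN.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st
   0: 0100007F:0277 00000000:0000 0A
   1: 00000000:0016 00000000:0000 0A
   2: 0100007F:0277 0100007F:C350 01
"""

def resolves_only_to_loopback(host):
    """True if every address the resolver returns for host is a loopback address."""
    infos = socket.getaddrinfo(host, None)
    addrs = {ipaddress.ip_address(info[4][0].split("%")[0]) for info in infos}
    return bool(addrs) and all(a.is_loopback for a in addrs)

def listeners(proc_text):
    """Return (IPv4Address, port) for each LISTEN socket in /proc/net/tcp text."""
    found = []
    for line in proc_text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 4 or fields[3] != "0A":
            continue
        hex_ip, hex_port = fields[1].split(":")
        # Reverse the bytes to get network order, e.g. 0100007F -> 127.0.0.1
        ip = ipaddress.IPv4Address(bytes.fromhex(hex_ip)[::-1])
        found.append((ip, int(hex_port, 16)))
    return found

def port_exposure(proc_text, port):
    """Classify where a TCP port accepts connections from."""
    ips = [ip for ip, p in listeners(proc_text) if p == port]
    if not ips:
        return "not listening"
    if all(ip.is_loopback for ip in ips):
        return "loopback only"
    return "reachable from network"

if __name__ == "__main__":
    print("localhost ->", resolves_only_to_loopback("localhost"))
    print("631 (CUPS):", port_exposure(SAMPLE_PROC_NET_TCP, 631))
    print("22 (ssh):  ", port_exposure(SAMPLE_PROC_NET_TCP, 22))
```

On a live system, pass the contents of `/proc/net/tcp` instead of the sample; a listener on `0.0.0.0` accepts connections on every interface, so traffic to it from other hosts does cross the LAN.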