Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!swrinde!cs.utexas.edu!rice!uw-beaver!zephyr.ens.tek.com!gvgpsa!gold.gvg.tek.com From: shaunc@gold.gvg.tek.com (Shaun Case) Newsgroups: comp.binaries.ibm.pc.d Subject: security hole in Procomm Summary: lord.love.a.duck Keywords: password thieves Message-ID: <2192@gold.gvg.tek.com> Date: 17 Apr 91 03:25:10 GMT Sender: shaunc@gold.gvg.tek.com Organization: Grass Valley Group, Grass Valley, CA Lines: 42 re: procomm security problem If you are THAT worried about security, you should power the machine all the way down and up again. If you don't, someone could wander in with a very small program that takes a snapshot of all 640k and writes it to disk. You could then use LIST to look through it for passwords that were saved in the scrollback buffer, or you could use CHK4BOMB or some other utility to just scan the file for text. If you don't believe me, try the following C program: #include int main() { FILE *secrets; unsigned long i; secrets=fopen("secrets.dat", "wb"); for (i=0; i<655360L; i++) fputc( *(char far *)i, secrets); fclose(secrets); return 0; } Compiles to about 6k under borland C++ 2.0, which is pretty much guaranteed to be smaller than procomm. However, all the security measures in the world won't do any good when people put their passwords for each system in their dialing directories, as I have seen several times. Don't you wish everyone was trustworthy? // Shaun // PS, please, no flames about my C code. If you want to have the best chance at capturing valuable data, you want your program to be as small as possible, without all that nasti error checking. Right? Right.