Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!cis.ohio-state.edu!tut.cis.ohio-state.edu!ucbvax!BIOMAC.UNIV-LYON1.FR!jean From: jean@BIOMAC.UNIV-LYON1.FR Newsgroups: comp.protocols.appletalk Subject: Re: Cayman's 'Watch' is security threat. Message-ID: <910515.083424.1202@biomac.univ-lyon1.fr> Date: 15 May 91 07:34:24 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 45 > >Cayman Watch program is very dangerous on the the ethernet side and not >that dangerous on the localtalk side unless some one is using NCSA >Telnet to login to other machines. > It is also VERY dangerous on the LocalTalk side: you can peek username/password for accounts on remote hosts (using NCSA Telnet), but you can also peek username/password for AppleShare volumes (but not for TOPS which seems to use password encryption). You can also grab whole Postscript files sent by someone to a LaserWriter, without anyone knowing anything (care of examination subjects). The only workaround I can see is to have separate subnets for Macs containing "classified" informations. > >On the ethernet side, it is very dangerous since it can see >all the packets that fly by the cable it is connected to. > You can also use subnets: username/password pairs are only available on the subnet(s) from/to where you are login in. >Suggestions ?? >- May be remove Watch from public access mac. It is freely available from Cayman... >- Pray that no one know how to use it. It is so easy to use it... >- Tough policy. May be add this line: > "Death Sentence" if got caught using unauthorize account. > >Hanz Makmur >Rutgers University This last suggestion maybe a good thing for "honest" pirates. I think that the only good solution is to use separate networks for Macs (and LaserWriters) containing "classified" informations. Jean Jean Thioulouse | e-mail: | Universite Lyon 1 - Laboratoire de Biometrie | jean@biomac.univ-lyon1.fr | 69622 Villeurbanne CEDEX - France. | Bitnet: THIOULOU@FRCISM51 |