From: "jjaf" <jjaf@jjaf.de>
To: "IT-Grundschutz-Hotline \(BSI\)" <gshb@bsi.de>
Subject: =?Windows-1252?Q?=C4nderungsvorschlag:_M_2.11_Regelung_des_Pa=DFwortgebra?=
	=?Windows-1252?Q?uchs?=
Date: Fri, 20 Apr 2001 11:53:57 +0200
Organization: jjaf.de
MIME-Version: 1.0
Content-Type: text/plain;
	charset="Windows-1252"
Content-Transfer-Encoding: 8bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4522.1200
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ÄNDERUNGSVORSCHLAG

Hinzufügen einer Regel zum Paßwortgebrauch:

- -Auf verschiedenen Systemen sind unterschiedliche Paßwörter zu
verwenden.


Beispiel:

$ ps -af
victim 41456 1 0 12:12:54 pts/9 0:07 /usr/bin/perl
/home/victim/app/gmsf -u USERNAME -p PASSWORD

=> http://jjaf.de/search/perl+gmsf
=> GetMySpaceFolder (FreeDiskSpace, MySpace)
=> http://myspace.com/
=> http://login.myspace.com/UserProfile.asp
=> Email Address: victim@webmail.example.com
   (Password) Hint: Wie Immer
                    ^^^^^^^^^
=> http://webmail.example.com/
=> Inbox: Netcenter Registration, Yahoo! Registration, NBCi
Registration, amazon.de-Bestellstatus ...

=> SECURITY-ALERT RED! mit Verweis
http://jjaf.de/security/it-gshb/m/2/011/ an
victim@webmail.example.com

Kun afablaj salutoj

http://jjaf.de/

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.1 for non-commercial use <http://www.pgp.com>
Comment: http://jjaf.de/security/

iQA/AwUBOszNWoEOVQ0nM69aEQJBpgCgwQPWYKOkcixIbITdNkwPLyn9C9YAoMVZ
z8Re2mezX3dlXj9VPBOWev4p
=uDwu
-----END PGP SIGNATURE-----