RE: AS/400 on alt.hacker

[Buck Calabro <mcalabro@xxxxxxxxxxxx>]

Dan,

>But you got me thinking about using Remote Client Access 
>to connect to an AS/400 through an ISP from home.  
>From what I understand, this is all unencrypted, so
>anyone using "packet capture software" should be able 
>to pick up my user ID and password with little difficulty.  
>However, how will anyone know to "capture" _my_ connection?  
>Would the person capturing be "sitting/waiting" on the
>AS/400-side of the transmission or would he have to 
>be monitoring my end of the connection?  

Either end, or at any point in between.  For instance, if I were bored
working the late shift on the service desk at your ISP, I might be tempted
to put a packet sniffer on the network backbone, just to satisfy my natural
curiosity :-)

>If the latter, what are the chances that someone would 
>know that I do this?  It's not like I put a sign out in front 
>of my house advertising this fact.  I do an awful lot of 
>surfing, so a "cracker" would have to have a pretty
>boring life waiting around for me to connect to our 
>AS/400 from home.

Well, if I were bored and I did have a packet sniffer, the first thing I'd
do is to tell it to capture 10k blocks of data around the characters "user",
"pass", "login", "phone", "card", "id" - things of that nature.  I'd let the
computer do the really boring stuff whilst I read the juicy parts it found
for me.  Remember, I don't need to be on either end of this communication -
if your packets go from London to Brussels to Paris to Frankfurt, I can put
my sniffer at any of the nodes and see them.

Yours in thoughtful speculation,

Buck Calabro
+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---