Things went well last night. Judson gave a demonstration of nmap and ethereal,
where we demonstrated that that all of the traffic passing on the wire can be
captured. We saw plaintext passwords, and we saw encrypted traffic. In answer
to a question, Judson explained how to secure our servers (don't run stuff
you don't need, and keep the things you do run updated, etc.).
I then wrapped the meeting up by making the comment that since our data can be
sniffed, we ought to be extremely careful when sending any. For instance, if
we absolutely must check email at a cyber cafe, we need to put up a VPN (ssh
tunnels, or some other solution) first, to insure that no one grabs our
passwords. Worse still, our online bank account information, even though it's
protected by SSL, can often be decrypted, so doing that sort of thing when we
are not reasonably certain our traffic isn't being sniffed, is foolhardy.
One other item I tossed out was the new perlmongers meeting we started
recently. However, since several people mentioned that they used PHP, I
wonder how receptive you guys would be to starting a PHP users group locally?
I'm willing to explore this possibility, if there is enough support for it,
and if others are willing to help me lead it.
-- Joey Kelly < Minister of the Gospel | Linux Consultant > http://joeykelly.net "I may have invented it, but Bill made it famous." --- David Bradley, the IBM employee that invented CTRL-ALT-DEL ___________________ Nolug mailing list nolug@nolug.orgReceived on 05/21/04
This archive was generated by hypermail 2.2.0 : 12/19/08 EST