(PM) SECURITY PROBLEM.

Rick Smith (rsmith@nac.net)
Tue, 7 Jul 1998 16:17:56 -0400 (EDT)

We've discovered a grave insecurity in ComOS*****

When an administrator here telnets to a PM3 and sets
up debugging such that they can watch the incoming
connections, cut and paste them into the PPP Decoder
Ring as seen on Livingston.com, they can make sure
that the users are entering proper passwords, etc.

The problem is, either the admin loses link, or quits
and either doesn't get a chance to type or forgets to
type 'reset cons' so that the debug info isn't displayed
anymore.

So, the next person to telnet to that portmaster, and
sit there and wait, will see all the debugging information
streamed to their screen, WITHOUT LOGGING IN.

This opens any portmaster to parties other than those
that a company may control, opening the possibility
of a "hacker" grabbing users' passwords.

Please fix this in the next release of ComOS? It's
a piece of cake to reset the console on quit or disconnection,
isn't it?

Thanks...

Net Access Corp.
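
The failure described in this message, as an added Python model that is not part of the original post and is not ComOS code: debug-to-console state that belongs to the device rather than to the session outlives the admin's connection, and the fix is to clear it whenever a session closes and to deliver debug output only to logged-in sessions. The class names, the `hardened` switch and the sample debug line are constructed for illustration.

```python
# Constructed model of the reported behaviour; this is not ComOS code.
SAMPLE = "ppp debug: <constructed frame containing a user's password>"

class Device:
    def __init__(self, hardened):
        self.hardened = hardened
        self.console_debug = False    # device-wide "stream debug to console" state
        self.sessions = []

    def connect(self):
        session = Session(self)
        self.sessions.append(session)
        return session

    def emit_debug(self, line):
        if not self.console_debug:
            return
        for s in self.sessions:
            # Hardened: only logged-in sessions ever receive debug output.
            if s.open and (s.authenticated or not self.hardened):
                s.screen.append(line)

class Session:
    def __init__(self, device):
        self.device = device
        self.authenticated = False
        self.open = True
        self.screen = []              # what this connection sees

    def login(self):
        self.authenticated = True

    def enable_debug(self):
        if not self.authenticated:
            raise PermissionError("login required")
        self.device.console_debug = True

    def close(self):
        """Runs on a clean quit and on a dropped link alike."""
        self.open = False
        if self.device.hardened:
            self.device.console_debug = False   # what a manual 'reset cons' would do

def leaked_lines(hardened):
    dev = Device(hardened)
    admin = dev.connect()
    admin.login()
    admin.enable_debug()
    admin.close()                     # link lost before 'reset cons' was typed
    visitor = dev.connect()           # next connection, never logs in
    dev.emit_debug(SAMPLE)
    return visitor.screen
```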
