Comments on: Go hack yourself - recovering your FTP password http://johnmu.com/go-hack-your-ftp/ John Mueller's technical website tips and tricks Sat, 05 Jul 2008 01:25:37 +0000 http://wordpress.org/?v=2.3.3 By: Adam Moro http://johnmu.com/go-hack-your-ftp/#comment-989 Adam Moro Wed, 30 Apr 2008 18:54:34 +0000 http://johnmu.com/go-hack-your-ftp/#comment-989 Well thanks a lot John. I was up ALL night playing with Backtrack and as a result am now in the dreaded doghouse with my girlfriend. Just kidding obviously. Thanks for the tip, as always, it's a great one. I assume you're a Linux ftw kind of guy. Which distro's your favorite? Not sure if that makes sense (I just recently emerged :) myself into the world of Linux...yep, Ubuntu it was) so in other words, do you prefer say Gentoo over Fedora or another one? I almost didn't ask because a friend of mine laughed at me when I asked him that question and told me he uses his own version of Linux. I assume that has something to do with compiling the kernal and adding the desktop environments and such manually...that scares the begeezus out of me so I'm wondering what the more simple answer would be. Well thanks a lot John. I was up ALL night playing with Backtrack and as a result am now in the dreaded doghouse with my girlfriend. Just kidding obviously. Thanks for the tip, as always, it’s a great one. I assume you’re a Linux ftw kind of guy. Which distro’s your favorite? Not sure if that makes sense (I just recently emerged :) myself into the world of Linux…yep, Ubuntu it was) so in other words, do you prefer say Gentoo over Fedora or another one? I almost didn’t ask because a friend of mine laughed at me when I asked him that question and told me he uses his own version of Linux. I assume that has something to do with compiling the kernal and adding the desktop environments and such manually…that scares the begeezus out of me so I’m wondering what the more simple answer would be.

]]> By: John Mueller http://johnmu.com/go-hack-your-ftp/#comment-986 John Mueller Sun, 27 Apr 2008 12:03:51 +0000 http://johnmu.com/go-hack-your-ftp/#comment-986 Adam, if you're running Linux you can do the same thing for free (there are even Linux versions that run off of a CD which do the same, eg "Backtrack", you don't even have to set up a computer to use them). With a little know-how you can not only access unprotected networks, but also WEP encrypted wireless networks. Many public access points are not encrypted, which would allow anyone to listen in when you sign in for email or if you need to make a last-minute website update via FTP . The easy way to protect yourself is to use more secure protocols like HTTPS when signing in for your webmail account or sFTP instead of FTP . Gmail supports HTTPS, I'm pretty sure the others do too. Adam, if you’re running Linux you can do the same thing for free (there are even Linux versions that run off of a CD which do the same, eg “Backtrack”, you don’t even have to set up a computer to use them). With a little know-how you can not only access unprotected networks, but also WEP encrypted wireless networks. Many public access points are not encrypted, which would allow anyone to listen in when you sign in for email or if you need to make a last-minute website update via FTP .

The easy way to protect yourself is to use more secure protocols like HTTPS when signing in for your webmail account or sFTP instead of FTP . Gmail supports HTTPS, I’m pretty sure the others do too.

]]> By: Adam Moro http://johnmu.com/go-hack-your-ftp/#comment-984 Adam Moro Sun, 27 Apr 2008 04:16:34 +0000 http://johnmu.com/go-hack-your-ftp/#comment-984 Wow, I finally gave this a try. Even more scary... http://www.cacetech.com/products/airpcap_family.htm. $200 bucks and an unsecured wireless connection is all someone needs to get OTHER people's passwords. You made me reconsider my whole password convention because of this, John! Thanks again! Wow, I finally gave this a try. Even more scary… http://www.cacetech.com/products/airpcap_family.htm. $200 bucks and an unsecured wireless connection is all someone needs to get OTHER people’s passwords. You made me reconsider my whole password convention because of this, John! Thanks again!

]]> By: Adam Moro http://johnmu.com/go-hack-your-ftp/#comment-975 Adam Moro Wed, 26 Mar 2008 18:39:13 +0000 http://johnmu.com/go-hack-your-ftp/#comment-975 "Even if your FTP (or email) client encrypts passwords in the settings, they can still be read with the right tools." Sounds like ultimately there will always be a risk for those who don't know how to use the right tools. Scary. Thanks for the great info, John! “Even if your FTP (or email) client encrypts passwords in the settings, they can still be read with the right tools.”

Sounds like ultimately there will always be a risk for those who don’t know how to use the right tools. Scary. Thanks for the great info, John!

]]>