Date: Wed, 10 Feb 1999 14:24:55 -0800 (PST)From: Gregory Taylor New Exploit - DCCsnoop.txt Discovered by Gregory TaylorFebuary 5th, 1999 It is possible to snoop a user's Linux connection through IRC.. DCC Sending the device files /dev/ttyp1 - ? while someone is logged in on that ttyp to an outside client will send all information sent from that user to the target client, making it possible to snoop his connection, password and login The drawback is the user will not see his own information typed in and may disconnect, but for those with auto-login scripts, it is possible to recieve login/passwords, and even /dev/tty1 - etc. can be snooped for those logging in as root.. I would like some feedback on anyone who may have any ideas or comments about this.Gregory TaylorUNIX Systems Engineer American Digital Online Services