Back when I was working (a few years ago now), my company laptop had some lame Cisco DNS proxy installed in the name of "security." The laptop ignored the DNS servers provided by DHCP and the proxy used a pinned company DNS server. Any DNS requests that could not be resolved would redirect to some questionable server on the open Internet that also happened to have an ssh server on port 22.
None of this bothered me until the time I tried to ssh into one of my local boxes, was and redirected to the bogus server, which prompted me for my password, which I stupidly provided out of habit.
So now some random server on the open Internet has collected the hostname, username, and password for my local machine. I reported this to the company IT department and their response was a shrug.
None of this bothered me until the time I tried to ssh into one of my local boxes, was and redirected to the bogus server, which prompted me for my password, which I stupidly provided out of habit.
So now some random server on the open Internet has collected the hostname, username, and password for my local machine. I reported this to the company IT department and their response was a shrug.