Security Basics mailing list archives
Re: DNS, Man-in-the-middle??
From: David <dcorking () yahoo fr>
Date: Tue, 12 Aug 2003 17:32:12 -0400
On Mon, 11 Aug 2003, Golden_Eternity wrote:
> On Wed, 06 Aug 2003, Stephen Pedrosa Eilert wrote:
>> Firewall, called Speaker). So, I configured the interface manually, using
>> my ISP's DNS server and tried to SSH to Speaker. To my surprise, the
>> following message appeared:
>
> You'll usually get a warning like this the first time you connect to any SSH server. If you're worried about it, then David's suggestions should help... Is this SSH 1 or 2? Last I checked there was no MITM attack for SSH 2 (but I've been out of it for a while).

There is a generic MITM for all SSH that works if the user ignores the warning about an unknown host key. That is different from the bug that allows MITM to happen on SSH1 without being noticed by the user.

<FLAME ON>
If you ignore the warning about the unknown host key, you have almost zero cryptographic protection.
</FLAME OFF>

David

p.s. G_E I don't know if your message, intended for Stephen - reached the list.
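
Added example, not part of the original thread: a sketch of the decision behind the unknown-host-key warning discussed above, showing that a first-contact key earns trust only when its fingerprint matches one obtained out-of-band. The host name, key blobs and the status labels returned by check_host_key are constructed for illustration, and only plain (unhashed) known_hosts lines are handled.

```python
import base64
import hashlib

def fingerprint(blob_b64):
    """OpenSSH-style SHA256 fingerprint of a base64-encoded public key blob."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_known_hosts(text):
    """Map (host, keytype) -> key blob for plain, unhashed known_hosts lines."""
    entries = {}
    for line in text.splitlines():
        fields = line.split()
        # Skip blanks, comments, @markers, hashed hostnames and short lines.
        if len(fields) < 3 or fields[0][0] in "#@|":
            continue
        for host in fields[0].split(","):
            entries[(host, fields[1])] = fields[2]
    return entries

def check_host_key(known, host, keytype, offered, trusted_fp=None):
    """Classify the key a server offers (labels are this example's own)."""
    stored = known.get((host, keytype))
    if stored is not None:
        # A mismatch against a stored key is the loud "key changed" case.
        return "known" if stored == offered else "changed"
    # First contact: nothing local vouches for this key. Accepting it blindly
    # lets whoever answered the connection pick the key.
    if trusted_fp is not None and fingerprint(offered) == trusted_fp:
        return "verified-new"   # matches a fingerprint obtained out-of-band
    return "unknown"            # do not accept without verification

def sample_blob(seed):
    """Constructed sample key blob in ssh-ed25519 wire layout (not a real key)."""
    raw = b"\x00\x00\x00\x0bssh-ed25519\x00\x00\x00\x20" + bytes([seed]) * 32
    return base64.b64encode(raw).decode()

SERVER_KEY = sample_blob(1)   # key the real server would present
OTHER_KEY = sample_blob(2)    # a different key presented in its place
KNOWN = parse_known_hosts(
    "# constructed entry\nspeaker.example.net ssh-ed25519 " + SERVER_KEY + "\n")

if __name__ == "__main__":
    host, kt = "speaker.example.net", "ssh-ed25519"
    print(check_host_key(KNOWN, host, kt, SERVER_KEY))
    print(check_host_key(KNOWN, host, kt, OTHER_KEY))
    print(check_host_key({}, host, kt, OTHER_KEY, fingerprint(SERVER_KEY)))
```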