[40031] in North American Network Operators' Group
Re: telnet vs ssh on Core equipment , looking for reasons why ?
daemon@ATHENA.MIT.EDU (fingers)
Tue Jul 31 11:43:11 2001
Date: Tue, 31 Jul 2001 17:39:12 +0200 (SAST)
From: fingers <fingers@fingers.co.za>
To: <alex@yuriev.com>
Cc: Greg Maxwell <gmaxwell@martin.fl.us>,
"Stephen J. Wilcox" <steve@opaltelecom.co.uk>,
"Mr. James W. Laferriere" <babydr@baby-dragons.com>,
<nanog@merit.edu>
In-Reply-To: <Pine.LNX.3.96.1010731111228.29579L-100000@cathy.uuworld.com>
Message-ID: <20010731173832.S6051-100000@snow.fingers.co.za>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
Hi
> Monkey in the Middle attack on SSH is very difficult to perform. I'm cc'ing
> Matt Bishop (bishop@cs.ucdavis.edu) who together with yours truly wrote a
> paper on this in 1997.
Well I saw a monkey do it in 10 minutes with ettercap. Sorry I did mention
in 1 of my posts that the ssh key sniff was done using arp soofing, my
text got lost somewhere along the line....
--Rob
