[40033] in North American Network Operators' Group
Re: telnet vs ssh on Core equipment , looking for reasons why ?
daemon@ATHENA.MIT.EDU (alex@yuriev.com)
Tue Jul 31 11:51:37 2001
Date: Tue, 31 Jul 2001 11:48:55 -0400 (EDT)
From: <alex@yuriev.com>
To: fingers <fingers@fingers.co.za>
Cc: Greg Maxwell <gmaxwell@martin.fl.us>,
"Stephen J. Wilcox" <steve@opaltelecom.co.uk>,
"Mr. James W. Laferriere" <babydr@baby-dragons.com>, nanog@merit.edu
In-Reply-To: <20010731173832.S6051-100000@snow.fingers.co.za>
Message-ID: <Pine.LNX.3.96.1010731114821.29579Y-100000@cathy.uuworld.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
>
> > Monkey in the Middle attack on SSH is very difficult to perform. I'm cc'ing
> > Matt Bishop (bishop@cs.ucdavis.edu) who together with yours truly wrote a
> > paper on this in 1997.
>
> Well I saw a monkey do it in 10 minutes with ettercap. Sorry I did mention
> in 1 of my posts that the ssh key sniff was done using arp soofing, my
> text got lost somewhere along the line....
*Yawn*
warning: Executing /opt/bin/ssh1 for ssh1 compatibility.
Host key not found from the list of known hosts.
!! If host key is new or changed, ssh1 protocol is vulnerable to an
!! attack known as false-split, which makes it relativily easy to
!! hijack the connection without the attack being detected. It is
!! highly advisable to turn StrictHostKeyChecking to "yes" and
!! manually copy host keys to known_hosts.
Are you sure you want to continue connecting (yes/no)?
It does not matter what kind of security system you have if you dont bother
to actually engage it.
Alex
