Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: telnet vs ssh on Core equipment , looking for reasons why ?

  • From: Greg Maxwell
  • Date: Tue Jul 31 11:35:16 2001

On Tue, 31 Jul 2001 alex@yuriev.com wrote:

> Monkey in the Middle attack on SSH is very difficult to perform. I'm cc'ing
> Matt Bishop (bishop@cs.ucdavis.edu) who together with yours truly wrote a
> paper on this in 1997.

Hard how? Are you talking about the complexity in coding the exploit app?
So what! It only has to be written once:

SSHv1
wget http://www.monkey.org/~dugsong/dsniff/dsniff-2.3.tar.gz
tar -zxf dsniff-2.3.tar.gz
man ./dsniff-2.3/sshmitm.8

The SSH security model is fundimentally weak against Man in the Middle,
because it provides no methodology to verify the transmitted key (beyond
crude manual methods... Not that PKI system used with SSL is all that
effective either).







Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.