[lug] Attacks Intensifying
Sean Reifschneider
jafo at tummy.com
Sat Nov 20 19:33:56 MST 2004
On Wed, Nov 03, 2004 at 11:48:08AM -0700, Dean Brissinger wrote:
>the middle attack. Any desktop machine on the same LAN as either the
>client or the server can promote itself to route all traffic through
Good switches will, of course, prevent this. This is also a good reason
for not using password authentication, and instead using SSH agent. With
ssh agent, authentication is done via a challenge/response and a
man-in-the-middle can't use that information for future authentications.
Of course, if you ignore the warnings about host keys changing, you kind of
deserve what you get.
Sean
--
The "PEANUTS" gang finds their first root-kit in "YOU'RE AN 3L33T H4CK3R
NOW, CHARLIE BROWN".
Sean Reifschneider, Member of Technical Staff <jafo at tummy.com>
tummy.com, ltd. - Linux Consulting since 1995. Qmail, Python, SysAdmin
More information about the LUG
mailing list