This is nothing new. At all.
the SSH / SSL MitM vulnerabilities are known risks - they're even mentioned
in the respective RFCs.
All that Dug has done is actually cut some code to carry out attacks that
are known to be a problem in theory. I'm not playing down his work, here,
but the impression that there is a new vulnerability that has been uncovered
is certainly not one that anyone (including Dug) wants.
To answer your other question - you can only MitM in this fashion when you
have a fair amount of control over the path. There is a DNS poisoning attack
which may work, if you're close to the target, but other that that we're
getting into gooshy, theoretical stuff.
The moral is - have a key for the major root CAs in your browser to stop the
SSL attack and verify or transfer SSH keys out-of-band the first time you
use them.
Cheers,
--
Ben Nagy
Marconi Services
Network Integration Specialist
Mb: +61 414 411 520 PGP Key ID: 0x1A86E304
> -----Original Message-----
> From: Erwin Geirnaert [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, 19 December 2000 7:01
> To: Firewalls (E-mail)
> Subject: FW: security: ssl and ssh, the Man in the Middle
>
>
> Hi guys
>
> Anyone who has some comments on this?
>
> I think that dnssniff can be used on a LAN, but on the
> Internet itself?
>
>
> http://www.securityportal.com/cover/coverstory20001218.html
>
>
> Erwin
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
