On Mon, 25 Jun 2012 22:47:27 -0500, J. Hellenthal <[email protected]>
wrote:
Still have yet to hear of something like this happening but its real
enough considering some of the exploits out there.
Cisco Ironport devices do MITM for SSL and SSH. Clearly someone wrote
enough of the code that this is feasible. It doesn't steal your passwords
though, just sniffs your unencrypted session traffic to "protect company
IP from being leaked". And yes, you'll get an error that the host key has
changed but it wouldn't be hard to put in the destination key if you had
it.
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[email protected]"
