--
James A. Donald:
SSH server public/private keys are widely deployed.
PKI public keys are not. Reason is that each SSH
server just whips up its own keys without asking
anyone's permission, or getting any certificates.
Eric Murray:
..which means that it [ssh-- ericm]
On Sat, 6 Sep 2003, Eric Murray wrote:
On Fri, Sep 05, 2003 at 09:01:51AM -0700, Major Variola (ret) wrote:
Can we assume that the spam is generated by regexp-type programs?
If so, are there good methods for inferring the regexp from examples,
and using this to infer spamfiltering
--
James A. Donald:
Think about what would happen if you tried a man in the
middle attack on an SSH server.
Eric Murray:
By checking the key against the IP address of the server.
This is easily spoofed. The links I included in my last post
pointed to a tool to do just that
