[lug] Attacks Intensifying
jafo at tummy.com
Sat Nov 20 19:33:56 MST 2004
On Wed, Nov 03, 2004 at 11:48:08AM -0700, Dean Brissinger wrote:
>the middle attack. Any desktop machine on the same LAN as either the
>client or the server can promote itself to route all traffic through
Good switches will, of course, prevent this. This is also a good reason
for not using password authentication, and instead using SSH agent. With
ssh agent, authentication is done via a challenge/response and a
man-in-the-middle can't use that information for future authentications.
Of course, if you ignore the warnings about host keys changing, you kind of
deserve what you get.
The "PEANUTS" gang finds their first root-kit in "YOU'RE AN 3L33T H4CK3R
NOW, CHARLIE BROWN".
Sean Reifschneider, Member of Technical Staff <jafo at tummy.com>
tummy.com, ltd. - Linux Consulting since 1995. Qmail, Python, SysAdmin
More information about the LUG