[lug] Attacks Intensifying

Sean Reifschneider jafo at tummy.com
Sat Nov 20 19:33:56 MST 2004

On Wed, Nov 03, 2004 at 11:48:08AM -0700, Dean Brissinger wrote:
>the middle attack.  Any desktop machine on the same LAN as either the
>client or the server can promote itself to route all traffic through

Good switches will, of course, prevent this.  This is also a good reason
for not using password authentication, and instead using SSH agent.  With
ssh agent, authentication is done via a challenge/response and a
man-in-the-middle can't use that information for future authentications.

Of course, if you ignore the warnings about host keys changing, you kind of
deserve what you get.

 The "PEANUTS" gang finds their first root-kit in "YOU'RE AN 3L33T H4CK3R
Sean Reifschneider, Member of Technical Staff <jafo at tummy.com>
tummy.com, ltd. - Linux Consulting since 1995.  Qmail, Python, SysAdmin

More information about the LUG mailing list