Home page logo

bugtraq logo Bugtraq mailing list archives

Re: sshd1 allows unencrypted sessions regardless of server policy
From: davids () WEBMASTER COM (David Schwartz)
Date: Wed, 15 Dec 1999 13:32:37 -0800

That aside, this hole could be useful in a situation where Party A wants
to help Party B compromise a system without leaving a paper trail.  Party
A trojans an ssh client binary, Innocent Bystander C does an ssh
connection somewhere, and Party B sniffs the cleartext traffic.  No
evidence to point to Party B.  If instead Party A trojaned the binary to
send Party B a carbon-copy, and a white hat could extract this, then Party
B is implicated.


        Nonsense. He could just as easily trojan ssh to broadcast the encryption
key. If he can sniff the cleartext traffic, he can sniff the key. The point
stands -- a server cannot protect you against a client compromise.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]