From owner-freebsd-security Mon Dec 18 11: 6:50 2000
From owner-freebsd-security@FreeBSD.ORG Mon Dec 18 11:06:48 2000
Return-Path:
Delivered-To: freebsd-security@freebsd.org
Received: from sol.cc.u-szeged.hu (sol.cc.u-szeged.hu [160.114.8.24]) by hub.freebsd.org (Postfix) with ESMTP id 67ADA37B400 for ; Mon, 18 Dec 2000 11:06:47 -0800 (PST)
Received: from petra.hos.u-szeged.hu by sol.cc.u-szeged.hu (8.9.3+Sun/SMI-SVR4) id UAA25141; Mon, 18 Dec 2000 20:06:45 +0100 (MET)
Received: from sziszi by petra.hos.u-szeged.hu with local (Exim 3.12 #1 (Debian)) id 1485cS-0005ze-00 for ; Mon, 18 Dec 2000 20:06:44 +0100
Date: Mon, 18 Dec 2000 20:06:44 +0100
From: Szilveszter Adam
To: freebsd-security@freebsd.org
Subject: Re: dsniff 2.3 info:
Message-ID: <20001218200644.A22374@petra.hos.u-szeged.hu>
Mail-Followup-To: Szilveszter Adam , freebsd-security@freebsd.org
References: <20001218110637.D6395@petra.hos.u-szeged.hu> <20001218194219.A1481@crow.dom2ip.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20001218194219.A1481@crow.dom2ip.de>; from tmoestl@gmx.net on Mon, Dec 18, 2000 at 07:42:19PM +0100
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Mon, Dec 18, 2000 at 07:42:19PM +0100, Thomas Moestl wrote:
> On Mon, Dec 18, 2000 at 11:06:37AM +0100, Szilveszter Adam wrote:
> > Now let's consider the scenario that the author presents us with. This
> > involves a man-in-the-middle attack where the only thing the attacker does
> > is that she intercepts the messages on the wire and always re-encrypts them
> > and then passes them on. This scenario assumes that the parties have no way
> > of knowing who the other party is other than what they say they are and
> > also that they have not been in contact before. This will most probably be
> > true for SSL transactions, especially if the server's CA is self-signed,
> > but anyway for the user side.
>
> From the dsniff FAQ:
> Local clients attempting to connect to Hotmail will be sent to your
> machine instead, where webmitm will present them with a self-signed
> certificate (with the appropriate X.509v3 distinguished name), and relay
> their sniffed traffic to the real Hotmail site.
>
> Now, if the site the victim wants to connect to has had a valid certificate,
> a fat dialog will suddenly pop up on any browser telling the user that the
> certificate is not trusted (and it did not before). It's just like with
> ssh: the user _is_ warned; if he chooses to click OK, that's his/her fault.
> Or am I mistaken here?

Entirely correct, and in fact I did not say anything else :-)

The problem *is* harder to solve, however, if this is your first visit to the site (and therefore there is no "previously") and you do not know if you should trust the cert presented. (Which may even be self-signed. There is a mobile phone operator here in Hungary who uses self-signed certs for their secure customer-service area. Of course, all you can do is look at the info there, so no great damage potential, but still...) And it is *not* common to call any SSL-enabled web site before visiting them... I also noted the exception that you would probably make with your bank, but you use SSL a lot more than that...

Also, trusted certs make things a bit better, but I am not sure how good browsers are at determining certificate alterations, and also, I have not yet read up on the way they would treat a CA chain, that is, on top a CA that all browsers trust (say Verisign), below another, below possibly another, but this last one may give out a false certificate (possibly even knowingly...) for, say, hotmail.com, and then the attacker could use that... and I don't know if you would get a warning dialog in this case... Of course, this is not a common scenario, but still... Also, I don't know if there is a way to turn this warning off in the browser... have not checked... in which case an exploit involving, say, ActiveX or other scripting... but this is just speculation. (But would be worth researching, possibly...)

It all boils down to: S***t may happen, but you can do a lot to avoid it, IMO. This makes it "reasonably secure". This is about all we can wish for... (BTW the same conclusion has been reached on misc@openbsd.org today, although they really care about security...)

--
Regards:
Szilveszter ADAM
Szeged University
Szeged Hungary

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
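The ssh-style check the thread refers to (warn when a site's certificate changes, but nothing to compare against on the first visit), as an added Python example that is not from the list or from dsniff: a trust-on-first-use pin store keyed by hostname. The DER byte strings are constructed stand-ins; real code would pass the bytes from `ssl.SSLSocket.getpeercert(binary_form=True)`.

```python
import hashlib

# Constructed stand-ins for DER-encoded certificates (not real certificates).
GENUINE_CERT_DER = b"-constructed-der-of-the-genuine-hotmail-cert-"
REISSUED_CERT_DER = b"-constructed-der-of-a-re-issued-self-signed-cert-"


def fingerprint(cert_der: bytes) -> str:
    """SHA-256 fingerprint of a DER certificate, hex-encoded (like ssh's host-key hash)."""
    return hashlib.sha256(cert_der).hexdigest()


class CertPinStore:
    """Trust-on-first-use store mapping hostname -> pinned certificate fingerprint."""

    def __init__(self):
        self._pins = {}

    def check(self, host: str, cert_der: bytes) -> str:
        """Return 'first-visit', 'match' or 'MISMATCH' for the presented certificate.

        On the first visit there is no earlier value to compare with, so the
        fingerprint is simply recorded: this is the case the mail calls harder
        to solve. A later MISMATCH is the signal a re-encrypting intermediary
        that presents its own certificate would produce.
        """
        fp = fingerprint(cert_der)
        pinned = self._pins.get(host)
        if pinned is None:
            self._pins[host] = fp
            return "first-visit"
        if pinned == fp:
            return "match"
        return "MISMATCH"


def simulate_visits(store: CertPinStore) -> list:
    """Two visits seeing the genuine cert, then one where a different cert shows up."""
    host = "www.hotmail.com"  # hostname from the scenario in the mail
    return [
        store.check(host, GENUINE_CERT_DER),
        store.check(host, GENUINE_CERT_DER),
        store.check(host, REISSUED_CERT_DER),
    ]


if __name__ == "__main__":
    for verdict in simulate_visits(CertPinStore()):
        print(verdict)
```

A legitimate certificate renewal also produces MISMATCH, so a pin store answers "did it change?", not "is it genuine?"; that is why the first-visit case still needs a trusted CA or out-of-band verification.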