From: Wes Peters
Date: Mon, 18 Dec 2000 18:36:06 -0700
To: David Talkington
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: dsniff 2.3 info:

David Talkington wrote:
>
> Crist J. Clark wrote:
>
> >SSH is already fixed. Earlier in the text,
> >
> >   SSH simply uses a secret and public key, and since they are
> >   generally not signed, it is trivial for an attacker to sit in the
> >   middle and intercept the connection... If you do have the server's
> >   public key, you will generally receive a warning like "Warning:
> >   server's key has changed. Continue?" Most users will hit Yes.
> >
> >No, this is not accurate in my experience. Most clients will not let
> >you use a server when the key does not match unless you manually
> >remove the old key from the key list. Most clients at least have BIG
> >FLASHY MESSAGES telling the user that a changed key means someone
> >might be doing something Very Naughty, not just a simple, "Warning:
> >server's key has changed. Continue?"
>
> SSH Communications clients (at least for Unix), both protocols, will
> allow the user to accept a new key with just a keystroke. My
> experience suggests that most users won't even bat an eye at the
> "SOMETHING NASTY MIGHT BE HAPPENING" message; they'll just hit "y" and
> go on with their days. Maybe the result of learning to reflexively
> dismiss Microsoft's "Are you sure?"s ...
>
> *sigh* indeed for social engineering. We can debug code, but not
> humans.

Sounds like it's time for:

Warning: the security credentials for this server have changed.
Enter any 11-digit prime number to continue: ___________

-- 
"Where am I, and what am I doing in this handbasket?"

Wes Peters                                      Softweyr LLC
wes@softweyr.com                                http://softweyr.com/