From owner-freebsd-security Fri Jan 5 12:30:17 2001 From owner-freebsd-security@FreeBSD.ORG Fri Jan 5 12:30:12 2001 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from dan.emsphone.com (dan.emsphone.com [199.67.51.101]) by hub.freebsd.org (Postfix) with ESMTP id 9F8AB37B400; Fri, 5 Jan 2001 12:30:11 -0800 (PST) Received: (from dan@localhost) by dan.emsphone.com (8.11.1/8.11.1) id f05KU0T08654; Fri, 5 Jan 2001 14:30:00 -0600 (CST) (envelope-from dan) Date: Fri, 5 Jan 2001 14:30:00 -0600 From: Dan Nelson To: Artem Koutchine Cc: "David G. Andersen" , security@FreeBSD.ORG, questions@FreeBSD.ORG Subject: Re: Antisniffer measures (digest of posts) Message-ID: <20010105142959.A27186@dan.emsphone.com> References: <200101052002.NAA29203@faith.cs.utah.edu> <002f01c07753$af808400$0c00a8c0@ipform.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.3.13i In-Reply-To: <002f01c07753$af808400$0c00a8c0@ipform.ru>; from "Artem Koutchine" on Fri Jan 5 23:11:25 GMT 2001 X-OS: FreeBSD 5.0-CURRENT Sender: dan@dan.emsphone.com Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In the last episode (Jan 05), Artem Koutchine said: > > Nope, dsniff breaks SSL and SSH1. > dsniff does *not* "break" SSL or SSH1. If you are silly enough to answer "yes" to the warning ssh spits out, you get what you deserve. @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the host key has just been changed. Please contact your system administrator. Agent forwarding is disabled to avoid attacks by corrupted servers. X11 forwarding is disabled to avoid attacks by corrupted servers. Are you sure you want to continue connecting (yes/no)? -- Dan Nelson dnelson@emsphone.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message