From owner-freebsd-security Fri Jan 5 17:17:36 2001 From owner-freebsd-security@FreeBSD.ORG Fri Jan 5 17:17:31 2001 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mothra.ecs.csus.edu (mothra.ecs.csus.edu [130.86.76.220]) by hub.freebsd.org (Postfix) with ESMTP id 9371637B404; Fri, 5 Jan 2001 17:17:31 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mothra.ecs.csus.edu (8.11.1/8.11.1) with ESMTP id f061Gd001393; Fri, 5 Jan 2001 17:16:39 -0800 (PST) (envelope-from joseph@randomnetworks.com) Date: Fri, 5 Jan 2001 17:16:39 -0800 (PST) From: Joseph Scott X-X-Sender: To: Artem Koutchine Cc: Alfred Perlstein , "David G. Andersen" , , Subject: Re: Antisniffer measures (digest of posts) In-Reply-To: <005601c07755$b0604ac0$0c00a8c0@ipform.ru> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, 5 Jan 2001, Artem Koutchine wrote: # # ----- Original Message ----- # From: "Alfred Perlstein" # To: "Artem Koutchine" # Cc: "David G. Andersen" ; ; # # Sent: Friday, January 05, 2001 11:20 PM # Subject: Re: Antisniffer measures (digest of posts) # # # > * Artem Koutchine [010105 12:12] wrote: # > > # > > > A final solution is simply to encrypt all sensitive traffic at the # > > > application layer. Use SSL for http/pop3/etc. Use SSH for remote # > > > access. Etc. Not perfect, but works. # > > # > > Nope, dsniff breaks SSL and SSH1. # > # > What's wrong with using SSH2? You can use port forwarding over # > remote localhost to do it: # # Hmm.. How do i do that on a Win9x box? How do i make use SSH2 # when connecting to a POP3/SMTP/HTTP? You can get a very nice ssh windows client from : http://www.ssh.com/ Depending on what type of organization you work for you may have to pay for licenses. I use it at my office, works nicely. I've read through most of this thread and it sounds like something that would be helpful is to read up dealing with network security in general, IE, it's all about policy. If you don't have the ability to inflict consequences for breaking policy then it's likely that no amount/type of technology with fix everything 100%. I know it's hard to do, but more often than not, internal security boils down to a social solution more than a tech one. The policies should drive the technology, not the other way around. All of that being said, I believe you best bet is to require use of "more" secure protocols, IE, they don't send things in the clear. They will always be far from perfect, but they'll be a lot better than not using them at all. *********************************************************** * Joseph Scott The Office Of Water Programs * * joseph@randomnetworks.com joseph.scott@owp.csus.edu * *********************************************************** To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message