Date:      Tue, 26 Jun 2012 09:12:57 -0500
From:      Mark Felder <feld@feld.me>
To:        freebsd-security@freebsd.org
Subject:   Re: Hardware potential to duplicate existing host keys... RSA DSA ECDSA was Add rc.conf variables...
Message-ID:  <op.wgikfvy134t2sn@tech304>
In-Reply-To: <20120626034727.GA56503@DataIX.net>
References:  <86pq8nxtjp.fsf@ds4.des.no> <20120625223807.4dbeb91d@gumby.homeunix.com> <4FE8DF29.50406@FreeBSD.org> <20120625235310.3eed966e@gumby.homeunix.com> <4FE8F814.5020906@FreeBSD.org> <20120626015323.02b7f348@gumby.homeunix.com> <4FE9094A.4080605@FreeBSD.org> <20120626024624.4c333bd2@gumby.homeunix.com> <4FE916AA.6050503@FreeBSD.org> <20120626035609.0d0f061b@gumby.homeunix.com> <20120626034727.GA56503@DataIX.net>

On Mon, 25 Jun 2012 22:47:27 -0500, J. Hellenthal <jhellenthal@dataix.net>  
wrote:
>
> Still have yet to hear of something like this happening but it's real
> enough considering some of the exploits out there.
>

Cisco Ironport devices do MITM for SSL and SSH. Clearly someone wrote  
enough of the code that this is feasible. It doesn't steal your passwords  
though, just sniffs your unencrypted session traffic to "protect company  
IP from being leaked". And yes, you'll get an error that the host key has  
changed but it wouldn't be hard to put in the destination key if you had  
it.


