Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 06 Jan 2001 23:09:18 -0700
From:      Wes Peters <wes@softweyr.com>
To:        Robert Watson <rwatson@FreeBSD.ORG>
Cc:        Artem Koutchine <matrix@ipform.ru>, security@FreeBSD.ORG, questions@FreeBSD.ORG
Subject:   Re: Antisniffer measures (digest of posts)
Message-ID:  <3A58080E.335DEC57@softweyr.com>
References:  <Pine.NEB.3.96L.1010106133125.17685E-100000@fledge.watson.org>

next in thread | previous in thread | raw e-mail | index | archive | help
Robert Watson wrote:
> 
> I'm going to reply to Wes's message, but not necessarily specifically in
> response to his comments.  I haven't had a chance to read all the messages
> in the thread yet, as I'm still catching up on back e-mail from my travel,
> but had a few comments to make that might or might not be relevant:
> 
> - Ethernet switches generally don't help with sniffing problems, even with
>   hard-coded MAC addresses, as they only provide link-layer protection.
>   As has been pointed out, a variety of ARP-layer, IP-layer, and
>   application-layer tricks can be employed to overcome link-layer switch
>   limitations, including ARP spoofing, IP redirects and router message
>   spoofing, in addition to DNS spoofing.
> 
> - Limitations in SSH stem from the lack of an automated certification
>   process, and from some clients that don't provide an interface for
>   managing public key introduction or inconsistency reporting.  In
>   addition, all SSH clients I've used have problems differentiating
>   service and transport namespaces, meaning that they are vulnerable to a
>   variety of DNS and IP-spoofing based attacks.  Most of these attacks
>   can be addressed by integrating some form of certification into SSH
>   (manual or automatic) using a signing or certificate mechanism, such
>   as PGP-signed key fingerprints, integration into X.509 or DNSSEC
>   cert hierarchies, or a key distribution service.  However, the lack
>   of a well-defined name->key binding mechanism presents a number of
>   problems that must be resolved.  I know of ongoing work to integrate
>   DNSsec and OpenSSH at NAI Labs and (I believe) ISI.  I assume other
>   work has been done relating to X.509, but haven't seen it if so.  The
>   statements that the well-known dsniff man-in-the-middle attack stems
>   entirely from user error is probably not correct -- clients don't
>   provide even minimal key management functionality, many not even
>   displaying fingerprints for new keys introduced, or not making correct
>   use of name/IP->key mappings.  That said, users who are careful and
>   understand the implications of keying decisions made when using SSH
>   will be safe from these attacks.
> 
> End-to-end encryption is probably the answer to the problems seen by this
> user -- however, FreeBSD has relatively poor IPsec integration due to lack
> of IKE in the base system, making configuration and management of IPsec
> somewhat of a nightmare.  And without DNSsec, DNS spoofing can provide a
> number of avenues for attack even with IPsec (especially if NFS is used).
> If you limit use of network protocols to properly pre-keyed and certified
> SSH and anonymous services (such as http), you should be fine in practice.
> Kerberos can also provide relatively comprehensive protection, if
> configured correctly and with integrity/privacy protection turned on when
> appropriate.
> 
> For those seeking to remedy these problems, you might consider what would
> be involved in adding X.509 certificate support to SSH in the style of
> SSL, working with the OpenSSL project to provide an improved crypto-API
> with better algorithm abstractions, as well as work to improve the quality
> and integration of DNSsec implementations to help with deployment.
> Similarly, work to help the KAME project get their IKE daemon into
> production-quality condition would probably be widely welcomed and
> appreciated.

Or just provide us with a really good telnet-over-SSL client.

An excellent summary, Robert.

-- 
            "Where am I, and what am I doing in this handbasket?"

Wes Peters                                                         Softweyr LLC
wes@softweyr.com                                           http://softweyr.com/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A58080E.335DEC57>