Re: about sniffing

To: "Nikolay Hristov" <geroy@mbox.stemo.bg>, <debian-security@lists.debian.org>
Subject: Re: about sniffing
From: Christian Jaeger <christian.jaeger@sl.ethz.ch>
Date: Sat, 21 Jul 2001 21:27:03 +0100
Message-id: <p04320400b77f93dd90cf@[192.168.1.2]>
In-reply-to: <[🔎] 007501c1126f$2ed279a0$0201a8c0@pukn>
References: <[🔎] 007501c1126f$2ed279a0$0201a8c0@pukn>

At 22:28 Uhr -0700 21.7.2001, Nikolay Hristov wrote:

I've found some utilities that claims that can sniff ssh1 and https
traffic (man-in-the-middle attack) -
<http://ettercap.sourceforge.net>http://ettercap.sourceforge.net
Is it true?  And why are these certificates and SSL support for web
servers? Can someone explain why it is possible or why it isn't?


I think ssh will warn the user that the host key has changed. So
don't blindly tell ssh to accept the new one :-)

For https attacks, you will probably need an 'officially' signed
server certificate if you don't want the users' browser complain
about invalid certificates.

Why don't you try it? :-) (I'll do when I find time)

christian.

btw don't use html email

Reply to:

Follow-Ups:
- Re: about sniffing
  - From: Alson van der Meulen <alson@linuxfreak.nl>

References:
- about sniffing
  - From: "Nikolay Hristov" <geroy@mbox.stemo.bg>

Prev by Date: about sniffing
Next by Date: Re: about sniffing
Previous by thread: about sniffing
Next by thread: Re: about sniffing
Index(es):
- Date
- Thread