Re: Sniffing SSH and HTTPS

To: Davy Gigan <davy@info.unicaen.fr>
Cc: debian-security@lists.debian.org
Subject: Re: Sniffing SSH and HTTPS
From: Alvin Oga <aoga@Maggie.Linux-Consulting.com>
Date: Tue, 28 Aug 2001 13:48:42 -0700 (PDT)
Message-id: <Pine.LNX.3.96.1010828134605.28327A-100000@Maggie.Linux-Consulting.com>
In-reply-to: <15243.51851.718803.248331@info.unicaen.fr>

hi ya

and for the list of the rest of the sniffers to check out...
	http://www.Linux-Sec.net/Sniffer

one of the boxes i had over the past 3 years was sniffed ... probably
ssh-1.x series ... just didnt know how they did it 3 yrs ago
	- no damage done ... but a good trick...

have fun
alvin

On Tue, 28 Aug 2001, Davy Gigan wrote:

> Jan-Hendrik Palic writes:
>  > http://ettercap.sourceforge.net/
>  > 
>  > Is it possible? Are SSH und HTTPS connections unsecure and how do we
>  > make is secure than?
> 
> old ssh protocol v1.5 IS a security hole, you can snif it. I don't know any vulnerability
> for the last OpenSSH_2.9p2 or OpenSSH_2.5.2p2 (which is last in debian security's updates)
> ... for the moment. Remember there is no 100% secure software.
> 
> Don't know for https, but that's not a surprise then.
>

Reply to:

References:
- Re: Sniffing SSH and HTTPS
  - From: Davy Gigan <davy@info.unicaen.fr>

Prev by Date: Re: Secure Network Filesystem
Next by Date: Re: Linux LDAP problem
Previous by thread: Re: Sniffing SSH and HTTPS
Next by thread: Re: Sniffing SSH and HTTPS
Index(es):
- Date
- Thread