[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

ssh security question



my laptop has two net interfaces, one wired and one wireless. they
have different MAC addresses, but i configured my DHCP server to treat
them the same so that i usually have the same IP no matter what card i
use.

i just noticed a curious bit of possible security awkwardness. with my
wired card, i established an ssh2 connection to another machine on my
subnet, then i proceeded to swap the cards - and i could continue
using my ssh2 session as soon as the new card received an IP (the same
one). now i ask you - this smells like a problem to me, or not?
shouldn't sshd at least worry about the MAC address too (can it?) just
an IP is too easy to spoof (MAC are too i guess).

martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; net@madduck
-- 
la lune, c'est comme les canards
il faut aimer caresser les chats
pour avoir envie d'y aller.



Reply to: