Re: two questions about ssh tunneling

To: debian-user@lists.debian.org
Subject: Re: two questions about ssh tunneling
From: Celejar <celejar@gmail.com>
Date: Sat, 5 Dec 2009 19:54:58 -0500
Message-id: <[🔎] 20091205195458.9d67aa67.celejar@gmail.com>
In-reply-to: <[🔎] 20091204221311.GK7221@yi.org>
References: <[🔎] 638138.48403.qm@web114119.mail.gq1.yahoo.com> <[🔎] 20091204221311.GK7221@yi.org>

On Fri, 4 Dec 2009 14:13:11 -0800
Tyler MacDonald <tyler@macdonald.name> wrote:

> Tudod Ki <tudodki88@yahoo.com> wrote:

...

> > - Can anyone sniff the traffic of computer "B"? e.g.: B computer is at a
> > - server farm [others in the farm can see the traffic?] - I think yes, but
> > - I'm not sure :O
> 
>   Yes, that's possible. However, in most colocated environments, you are on
> a switch, not a hub -- so in that case, the attacker would have to be
> sniffing directly from a router to see your traffic. If you want to know for
> sure, ask your ISP.

But IIUC, even where switches are used, MITM attacks to sniff traffic
are still possible for other hosts on the LAN, either through ARP
poisoning, or through port stealing if the switch isn't implementing
port security:

http://ettercap.sourceforge.net/forum/viewtopic.php?t=2392
http://ettercap.sourceforge.net/forum/viewtopic.php?t=2329

Celejar
-- 
foffl.sourceforge.net - Feeds OFFLine, an offline RSS/Atom aggregator
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator

Reply to:

References:
- two questions about ssh tunneling
  - From: Tudod Ki <tudodki88@yahoo.com>
- Re: two questions about ssh tunneling
  - From: Tyler MacDonald <tyler@macdonald.name>

Prev by Date: Re: Slow connections in Debian squeeze
Next by Date: Re: [OT] Customizing keyboard shortcuts in Iceweasel
Previous by thread: Re: two questions about ssh tunneling
Next by thread: Re^2: Finding the source for a NIC driver.
Index(es):
- Date
- Thread