IPChains question (SOLVED)
Mike Bilow
mikebw at colossus.bilow.com
Mon May 15 10:36:25 EDT 2000
I would not want to say that anything is completely safe, but I would
expect that ssh is among the least likely services to be compromised in
this way. Once the channel is opened, all of the data is handled using a
cryptographic exchange that would guarantee authentication. Even if the
circuit could be intercepted, ssh would not allow a third party to conduct
a man-in-the-middle attack. Also, ssh has some protection against an
attack being conducted during the negotiation of the inital exchange, if
the hosts have ever exchanged keys before.
-- Mike
On 2000-05-15 at 09:43 -0400, Christoph Doerbeck A242369 wrote:
> Perhaps someone else can elaborate even further on this, but I've been reading
> up on "port hijacking". Apparently, after a TCP connection completes, the
> port remains open for a timeout-period during which, an intruder can exploit
> various attacks to gain access or execute DOS (Denial of Service).
>
> At any rate, to my understanding one of the DNS exploits is based on this.
>
> I would think that making your gloabal timeouts larger is counter productive
> and it might be wiser to shorten the SSH keep-alive heartbeats...
>
> Comments? Or am I completely off base...
-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).
More information about the Discuss
mailing list