IDS mailing list archives

RE: ssh and ids

From: Frank Knobbe <frank () knobbe us>
Date: Tue, 22 Jun 2004 10:14:40 -0500

On Mon, 2004-06-21 at 17:42, Matthew F. Caldwell wrote:

Applications that help in performing the "forensic" man in the middle
attack include ettercap http://ettercap.sourceforge.net or sshmitm (an
app from the dsniff suite) http://www.monkey.org/~dugsong/dsniff/


I thought MITM attacks on SSH work only on version 1 and only passwords.
Are you saying there are tools that can intercept SSHv2 traffic using
only keys?

Regards,
Frank

Attachment: signature.asc
Description: This is a digitally signed message part

Current thread:

Re: ssh and ids, (continued)
- - - Re: ssh and ids Martin Roesch (Jun 23)
    - Re: ssh and ids Christian Kreibich (Jun 24)
- Re: ssh and ids Gary Flynn (Jun 21)
  - Re: ssh and ids Frank Knobbe (Jun 22)
    - Re: ssh and ids Bamm Visscher (Jun 23)
    - Re: ssh and ids Frank Knobbe (Jun 23)
- Re: ssh and ids Ron Gula (Jun 21)
- RE: ssh and ids Wozny, Scott (US - New York) (Jun 21)
- RE: ssh and ids Omar Herrera (Jun 21)
- RE: ssh and ids Matthew F. Caldwell (Jun 22)
  - RE: ssh and ids Frank Knobbe (Jun 22)
- RE: ssh and ids Peter_Schawacker (Jun 22)
  - Re: ssh and ids Adam Powers (Jun 22)
  - Re: ssh and ids David W. Goodrum (Jun 22)
    - RE: ssh and ids Thierry Evangelista (Jun 23)
    - Re: ssh and ids David W. Goodrum (Jun 23)
    - Re: ssh and ids Tony Carter (Jun 24)
- RE: ssh and ids Koç.net (Jun 22)
- RE: ssh and ids Murtland, Jerry (Jun 22)
- RE: ssh and ids Runion Mark A FGA DOIM WEBMASTER(ctr) (Jun 22)
- RE: ssh and ids Peter_Schawacker (Jun 22)

(Thread continues...)