Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IPChains question (SOLVED)

I would not want to say that anything is completely safe, but I would
expect that ssh is among the least likely services to be compromised in
this way.  Once the channel is opened, all of the data is handled using a
cryptographic exchange that would guarantee authentication.  Even if the
circuit could be intercepted, ssh would not allow a third party to conduct
a man-in-the-middle attack.  Also, ssh has some protection against an
attack being conducted during the negotiation of the inital exchange, if
the hosts have ever exchanged keys before.

-- Mike

On 2000-05-15 at 09:43 -0400, Christoph Doerbeck A242369 wrote:

> Perhaps someone else can elaborate even further on this, but I've been reading
> up on "port hijacking".  Apparently, after a TCP connection completes, the
> port remains open for a timeout-period during which, an intruder can exploit
> various attacks to gain access or execute DOS (Denial of Service).
> At any rate, to my understanding one of the DNS exploits is based on this.
> I would think that making your gloabal timeouts larger is counter productive
> and it might be wiser to shorten the SSH keep-alive heartbeats...
> Comments?  Or am I completely off base...

Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at (Subject line is ignored).

BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /