Re: Can SSH mitigate MITD?

From: Danshtr (danshtr@gmail.com)
Date: Thu Jun 28 2007 - 02:09:42 ART

• Next message: Arin and Rachel Richmond: "Re: More R&S Strategy"
• Previous message: Shamin: "Re: R&S Lab Strateg"
• Maybe in reply to: nhatphuc: "Can SSH mitigate MITD?"
• Next in thread: Petr Lapukhov: "Re: Can SSH mitigate MITD?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

What do you mean by "hijack the SSH Connection"?

If you managed to do so to an already open SSH session then we are all in
big trouble.
If not, what client did you use? Putty, SecureCRT, OpenSSH should warn you
that the SSH server key was changed.
Which SSH version where you using?

On 6/28/07, nhatphuc <nhatphuc@gmail.com> wrote:
>
> Hi all,
>
> I configure SSH on Router, and use CAIN to arp spoofing and hijack the
> SSH Connection from PC to Router. I can get the password.
>
> So does SSH really prevent MITD? In this case, how to prevent password
> loss if the network is under arp spoofing?
>
> Thanks
>
> Phuc
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>

-- 
Best regards,
Dan

• Next message: Arin and Rachel Richmond: "Re: More R&S Strategy"
• Previous message: Shamin: "Re: R&S Lab Strateg"
• Maybe in reply to: nhatphuc: "Can SSH mitigate MITD?"
• Next in thread: Petr Lapukhov: "Re: Can SSH mitigate MITD?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Jul 01 2007 - 17:24:52 ART