[SATLUG] OT: Router-related question
dkowis at shlrm.org
Thu Feb 11 07:23:43 CST 2010
On 2/10/2010 8:39 PM, redpill wrote:
> I wouldn't say that SSH is insecure, its not. My point is that SSH or
> for that matter any form of encrypted communication is only as secure as
> the practices that surround their use. SSH encryption can be cracked
> (http://www.youtube.com/watch?v=7CP-JB4QARo), SSL can be cracked
> (http://www.youtube.com/watch?v=7kQ_nTRt37c), and its getting easier and
> easier to do so.
> I understand that stuff has to get done and these protocols will be used
> what I am saying is that you should never think that just because you
> are using HTTPS or SSH you secure.
> In the above scenario All someone would need to do is run a tcpdump (say
> tcpdump -nXSe -s 1545 -c 5000 -t port 443 -w somefilename) scp the
> capfile out of the network. once the cap file is out of the network it
> can be analyzed and decrypted at the cracker's leisure.
> the point is your never as secure as you think you are.
This is true, but one has to weigh the value and expiry of the data. For
example, scping an excel spreadsheet at home with a shopping list on it
isn't worth some l33t haxx0rs time. Crypto is a balance of security and
expiry of the important data. This is why changing passwords is
important, if not as important as once a month (as some companies
believe it is.)
Note that the posted ssh cracking video isn't actually compromising the
crypto, but logging in due to poor password selection.
And they're doing a MITM attack to compromise your ssl link. If you've
got your ssh host keys identified, you should be able to counter this.
They present a false certificate. So this is still not compromising the
crypto, but compromising a foolish user.
If you can set up a verified secure connection, you should be in good
shape, unless someone with a Cray 3 wants your mp3s you're scp'ing to
More information about the SATLUG