Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: SSH with no crypt

from [AUGERT Jean Philippe (EURIWARE)] Network Security [Permanent Link]
Subject: RE: SSH with no crypt
Date: Thu, 16 Jun 2005 08:16:24 +0200 
        Hi Chris,

That's exactely this situation : my organization want to sniff every network
traffic but i use ssh for many  years, so a lot of scripts are based on this
protocol.

That's why i'would like to continue using SSH ....

Jean-Philippe AUGERT
Cellule Intranet et Reporting  &  Cellule Hebergement Web
EURIWARE - CSA - CHAMBERY - TECHNOLAC

-----Message d'origine-----
De : Price, Christopher [mailto:Christopher.Price@encana.com] 
Envoyé : mercredi 15 juin 2005 22:30
À : Andrew Haninger; Alvaro Colunga
Cc : AUGERT Jean Philippe (EURIWARE); secureshell@securityfocus.com
Objet : RE: SSH with no crypt


        Its possible that the client wants to use the non-repudiation
features for users and hosts from ssh but not encrypt the actual
session. Many large organizations prohibit encrypted traffic on their
internal network because they want to be able to sniff network traffic
on their internal network as part of their security auditing
methodology. Host based key authentication/verification is a good way to
ensure nobody inserts malicious hosts on the network that masquerade as
a trusted host.

        Chris


-----Original Message-----
From: Andrew Haninger [mailto:ahaning@gmail.com] 
Sent: Wednesday, June 15, 2005 9:34 AM
To: Alvaro Colunga
Cc: AUGERT Jean Philippe (EURIWARE); secureshell@securityfocus.com
Subject: Re: SSH with no crypt


On 6/14/05, Alvaro Colunga <alvariux@gmail.com> wrote:

i think ssh without encryption would be telnet, you can use telnet if
you need a terminal without that feature

I think the original poster was requesting information on the
possibility of initializing a SSH2 connection without encryption as
was possible with an older version of SSH1.

It sounds like it will be difficult to find such a feature in a recent
version as it would seem so pointless.

Maybe a better description of the situation would make it easier for
people to give help.

-Andy


ATTENTION Le message contenu dans cet email ainsi que dans tout fichier
attaché est destiné exclusivement aux personnes dont le nom figure
ci-dessus. Il peut contenir des informations confidentielles ou protégées
par le secret professionnel et dont la divulgation est strictement prohibée.
Si vous avez reçu cet email par erreur,détruisez-en le contenu. Vous n'êtes
pas autorisé, dans cette hypothèse, à copier, distribuer ou conserver ce
message. Merci.
WARNING This information in this mail and in any attachments is intended for
the above-mentioned addressees only. It may contain privileged or
confidential informationthe review, dissemination or disclosure of which is
strictly prohibited. If you have received this email by error, please
destroy it. In this case, you are not authorisedto disclose, copy,
distribute, or retain this message or any part of it. Thank you.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: SSH with no crypt, Nathan Jackson
Next by Date:  FW: OpenSSH connection Problem, Muktheshwar Sharma
Previous by Thread:  RE: SSH with no crypt, Price, Christopher
Next by Thread:  RE: SSH with no crypt, AUGERT Jean Philippe (EURIWARE)
Indexes:  [Date] [Thread] [Top] [All Lists]