Network Security: Detailed info on RE: Need some education: Man-in-the-Middle Attacks

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Secure-Shell

[Top] [All Lists]

RE: Need some education: Man-in-the-Middle Attacks

from [Nathan Jackson-Eeles] Network Security

[Permanent Link]

Subject:	RE: Need some education: Man-in-the-Middle Attacks
Date:	Thu, 31 Aug 2006 14:11:43 +0200

Bryan,

The way to stop the mitm attack is to pre-install the server's host
key in the clients known_hosts file and set up the client so it won't
connect to a host that doesn't match the pre-installed key.
This key is the public key of the host and is used in a
challange-response authentication to make sure that the host you are
contacting actually holds the matching private key (server
authentication).

HTH,

Nathan

On 8/29/06, Christ, Bryan <bryan.christ@hp.com> wrote:

All,

Please pardon my naivete.

I was looking at the diagram on the URL listed below and contemplating
how host fingerprinting prevents MITM attacks.

http://www.vandyke.com/solutions/ssh_overview/ssh_overview_threats.html

So my question is this... Given the illustration in the URL above, what
prevents Eve from *first* contacting Alice to obtain a fingerprint which
then gets passed to Bob on the first connection attempt?

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Need some education: Man-in-the-Middle Attacks, Christ, Bryan Re: Need some education: Man-in-the-Middle Attacks, Mark Senior Re: Need some education: Man-in-the-Middle Attacks, Christ, Bryan Re: Need some education: Man-in-the-Middle Attacks, Daniel DeLeo Re: Need some education: Man-in-the-Middle Attacks, Steve Bonds Re: Need some education: Man-in-the-Middle Attacks, M. Gotaishi Message not available RE: Need some education: Man-in-the-Middle Attacks, Nathan Jackson-Eeles <= Message not available Re: Need some education: Man-in-the-Middle Attacks, Christ, Bryan Re: Need some education: Man-in-the-Middle Attacks, jacob . devenport

Previous by Date:	Re: openssh usePAM publickey and pam_filter issue, Enrique de la Torre Gordaliza
Next by Date:	Re: Need some education: Man-in-the-Middle Attacks, Christ, Bryan
Previous by Thread:	Re: Need some education: Man-in-the-Middle Attacks, M. Gotaishi
Next by Thread:	Re: Need some education: Man-in-the-Middle Attacks, Christ, Bryan
Indexes:	[Date] [Thread] [Top] [All Lists]