Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Overconfidence in SSH Protection 194

nitsudima writes to mention a post on the Informit site about the common misunderstandings surrounding SSH, and how well-intentioned admins may be creating holes in their own security by using it. From the article: "In UNIX, all things are files. To send network traffic, UNIX writes the traffic to the network device file. In this case, the connection to Box A (and that private key used for authentication) is a socket file. This file will shuttle the authentication traffic between Box A and Box P. So what's the risk? Maybe the hacker can't get a copy of the private key through the socket file, but something better (from his/her view) can be done. If the hacker has root on Box D, he or she can point a private copy of the agent forwarding software to that socket file and thereby point the authentication process to the administrator's credentials--the ones kept on the 'safe' intranet. What are the chances that the administrator has configured access to all the DMZ servers he controls?"
This discussion has been archived. No new comments can be posted.

Overconfidence in SSH Protection

Comments Filter:
  • by louzerr ( 97449 ) <> on Saturday May 27, 2006 @08:23AM (#15415397) Homepage
    ... and your e-mail administrator can read your e-mail ... ... and your network administrator can see what web sites you're visiting ... ... and your ISP can watch your internet traffic ... ... and the NSA can listen to your phone ...

    So, the real trick is just to live a life so borring none of these people will care to spy on you. Not all that hard, really. Considering you're on /. - you're probably doing okay.

The road to ruin is always in good repair, and the travellers pay the expense of it. -- Josh Billings