21 Oct
2004
21 Oct
'04
13:34
Mauro Teani wrote:
Protocol SSH1 is safe? I mean, if many users have access to a remote server on wich works a ssh server upgraded to the last patch, and i do it by mean of a ssh1 client (teraterm for example) may i be sure that the connection is safe or i must change to SSH2 protocol? Which type of attack may i expect as well than buffer-overflow?
SSHv1 is vulnerable to man-in-the-middle attacks. It's not a matter of a buffer-overflow, but someone actually being able to decrypt and read the traffic. For windows machines, I recommend PuTTY: http://www.chiark.greenend.org.uk/~sgtatham/putty/ Linux machines, of course, should already have OpenSSH installed...