Mailinglist Archive: opensuse-security (616 mails)

< Previous Next >
Re: [suse-security] What to do against ARP-Poisoning?
  • From: Roland Hilkenbach <roland@xxxxxxxxxxxxxxxxxx>
  • Date: Mon, 18 Mar 2002 17:41:53 +0100
  • Message-id: <200203181641.RAA31973@xxxxxxxxxxxxxxxxxxxxxxxx>
Am Montag, 18. März 2002 14:50 schrieb Reckhard, Tobias:
> [snip]
> > The websites are not too interesting for attackers
> Umm.. see the issue of Cryptogram released today. Check
>, lesson number 1.

Good point, I shouldn't take that too easy too

> > and login is done via ssh
> > (v2) only, so at least I get a warning if something strange
> > happens.

> Be sure to notice host key changes and don't use server-stored passwords
> for authentication. They'd pass through the 'router' as well and he could
> rather easily set up an SSH proxy.

Sure, I type in "yes" only once for a certain server...

> > But the mail-traffic remains a problem! As far as I can see up to
> > now, sendmail-tls and qpopper use plain text at least for the mail-body.
> > So the content is disclosed to any attacker if not the username/password.
> Well, SMTP and POP3 are clear-text protocols by nature. You can stack them
> on top of SSL/TLS, but you need clients that can do that as well. With
> emails, encryption and authentication of the message content using PGP or
> S/MIME is also in widespread use.

Well, as You can see in my ethereal-output even SMTP-TLS sends the BODY of
the mail in plain text! I didn't try up to now but I fear, qpopper will do
the same. Only the authentification is encrypted not the data. I would have
to convince all users to use PGP or GPG and I don't belive I'll succeed :-(

> > I sure try to avoid
> > ftp, but webmasters on Mac are used to FTP... Maybe there's a
> > scp-client for Macs? I'll have a look.
> Another option would be to use IPSec or a functionally similar VPN
> technology.

I'll try to talk to the Mac-User to see what's possible there...

> Cheers
> Tobias

Thank You for Your thoughts

Roland Hilkenbach

< Previous Next >