on Fri, Aug 24, 2001 at 10:35:49AM +0100, Sean Neakums scribbled:
begin MJ Ray quotation:
802.11? Airsnort!
ssh, stunnel, ipsec...
ssh: mitm, key stroke analysis (which seems to have been "discovered" lately but i thought it was obvious to anyone sitting down with tcpdump and an ethernet with ssh...) stunnel: mitm, packet frequency stuff, depending on application.
ipsec: manual keying: spoofed packets and a dictionary/brute force attack, some cryptanalysis depending on known info and algos (replay?) preshared key: same as manual keying, just not so easy with existing sessions
certificates: harder, assuming it sticks strickly to certain certs for certain boxes. otherwise mitm. (mitm = man in the middle) http://lists.freeswan.org/pipermail/users/2001-June/000658.html
The problem with certificate based approaches is that in order to be relatively certain of the peers identity a second secure channel of communication is necessary to transmit the public certificates, otherwise, mitm is easy. And since you are trying to establish a secure channel, this makes it a chicken and egg problem.