MJ Ray markj@cloaked.freeserve.co.uk writes:
Can someone clue me in on how MITM attack would work here?
Key stroke analysis even.
I'm probably just hard-of-thinking this morning.
Yes, you are, aren't you?
on Fri, Aug 24, 2001 at 03:13:15PM +0100, MJ Ray scribbled:
MJ Ray markj@cloaked.freeserve.co.uk writes:
Can someone clue me in on how MITM attack would work here?
Key stroke analysis even.
http://www.openwall.com/advisories/OW-003-ssh-traffic-analysis.txt It's quite fun looking at a certain stream and guessing what the user is doing. One long burst normally indicates a full screen editor/program. Regular short updates tend to imply something like a progress bar (wget, bsd ftp). And as the paper says, single characters, sometimes typed quite quickly, sometimes slowly (because passwords can be complex to type), that are not echoed back, tend to be passwords. Surely the echo control should be on the client side. Anyhow.
I'm probably just hard-of-thinking this morning.
Yes, you are, aren't you?
hehe, it would seem soo.. :)
-
MJ Ray -
xsprite@bigfoot.com