Network Security – so https and ssh are immune to arp spoofing right?



When a machine has been arp spoofed, ALL network traffic from it is likely passing through a “hostile” machine. So, NO, https and ssh traffic is not immune, it is travelling through a hostile machine. However, it should be encrypted. There are a few exceptions though. SSH version 1 is a broken encryption scheme and should be avoided like the plague. As far as I know SSH 2 should be safe. Pay attention to complaints about the host identification not being able to be verified….


HTTPS is also an encrypted protocol, usually used for online banking logins, etc. There is a problem though…. one of the responsibilities of certificate based authentication is that the end user has the ultimate call if a certificate doesn’t match. (You do look at those right?)… SO…. it’s possible that an ARP spoofing attacker machine decrypts the network data from the https:// protected website and then generates a forged certificate and a new encrypted stream to the client machine.

The client machine at this point will complain and say something along the lines that the certificate could not be verified do you still want to accept? So, if the end user supports the forged certificate, then all https passwords can be sniffed as well, because they’ve accepted a fake certificate. So the moral of this story is to be extremely cautious when accepting dubious certificates. HTTPS can be secure, but ultimately it’s up to the end user whether or not they accept a forged certificate.

So what hope is there against arp spoofing?

Related Posts

Blog Traffic Exchange Related Posts
  • How to Remove Desktop Security 2010 | Desktop Security 2010 Removal Guide Desktop Security 2010 is a rogue antivirus application. It is a successor to Total PC Defender and installs on your pc without permission through the use of malware. Once on your system it will create numerous files that it then finds during scheduled scans and it claims these files are......
  • Vandals banging on the door of ssh.... Sometimes I wish I wasn't curious about things.... The other night I was working on something on the testbox in the back room and saw the switch lights flickering fairly actively between the server and the internet gateway. At first I thought maybe it was some mail coming in, but......
  • Network Security guide for the home or small business network - Part 18 - What about Dialup Users? So, most everything so far has been targetted to high speed internet users or business networks. That means if I use dialup I'm safe. Wrong. For starters, in many ways dialup internet is LESS of a risk than high speed broadband for two main reasons. First, high speed/broadband connections are......
Blog Traffic Exchange Related Websites
  • Black Hat // Webcast 28 - HTTP Parameter Pollution Vulnerabilities in Web Applications HTTP Parameter Pollution Vulnerabilities in Web Applications // Marco Balduzzi http://links.covertchannel.blackhat.com/ctt?kn=4&m=36625440&r=ODMwMzU3MTg2MAS2&b=2&j=MTAxNjM3NzA1S0&mt=1&rt=0 ----------------------------------- OVERVIEW: While input validation vulnerabilities such as XSS and SQL injection have been intensively studied, a new class of injection vulnerabilities called HTTP Parameter Pollution (HPP) has not received as much attention. HPP attacks consist of injecting encoded......
  • CWSP - Certified Wireless Security Professional The CWSP exam is an advanced level wireless LAN certification developed by Planet3 Wireless. This exam is a part of the Certified Wireless Network Program (CWNP). The exam tests your ability on how well you are able to protect your company‚Äôs valuable data from hackers. For anyone desiring a career......
  • Strength Training for a Triathlon Strength training is capable of being a vitally important part of the training program for all triathletes. Maximizing the quality of your workout should be your prime objective when it comes to developing a solid strength program that is going to benefit your triathlon progress. There are a wide variety......
en.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site