Network Security – so https and ssh are immune to arp spoofing right?



When a machine has been arp spoofed, ALL network traffic from it is likely passing through a “hostile” machine. So, NO, https and ssh traffic is not immune, it is travelling through a hostile machine. However, it should be encrypted. There are a few exceptions though. SSH version 1 is a broken encryption scheme and should be avoided like the plague. As far as I know SSH 2 should be safe. Pay attention to complaints about the host identification not being able to be verified….


HTTPS is also an encrypted protocol, usually used for online banking logins, etc. There is a problem though…. one of the responsibilities of certificate based authentication is that the end user has the ultimate call if a certificate doesn’t match. (You do look at those right?)… SO…. it’s possible that an ARP spoofing attacker machine decrypts the network data from the https:// protected website and then generates a forged certificate and a new encrypted stream to the client machine.

The client machine at this point will complain and say something along the lines that the certificate could not be verified do you still want to accept? So, if the end user supports the forged certificate, then all https passwords can be sniffed as well, because they’ve accepted a fake certificate. So the moral of this story is to be extremely cautious when accepting dubious certificates. HTTPS can be secure, but ultimately it’s up to the end user whether or not they accept a forged certificate.

So what hope is there against arp spoofing?

Related Posts

Blog Traffic Exchange Related Posts
  • Disappointing trend for online banking sites Given how easy it is for people to be fooled by phishing sites, you would think banks would try and keep as many "easy ways to identify a legitimate bank site" as possible wouldn't you? I mean, user-friendliness is certainly a big selling point in things software and even web......
  • Most home pc users lacking on PC security... Surprise!!... ummm wait, no... This article has come out while I've been in the midst of cleaning up a Windows ME pc that has been "0\/\/ned" (owned/controlled...) by someone other than the owner for a bit over 15 months. The system had NO antivirus, no firewall (no antispyware) and used......
  • How to Remove Desktop Security 2010 | Desktop Security 2010 Removal Guide Desktop Security 2010 is a rogue antivirus application. It is a successor to Total PC Defender and installs on your pc without permission through the use of malware. Once on your system it will create numerous files that it then finds during scheduled scans and it claims these files are......
Blog Traffic Exchange Related Websites
  • Finovate Startup 2009 Live Twitter I am attending Finovate Startup 2009. It is an action packed 1 day format which I belive will lend itself perfectly to a live twitter. Stay tuned it should be an amazing day. http://twitter.com/BlogTrafficExch In the break I have scheduled some talks with SimplFi, Mint, and Calendar Budget. I am......
  • Trade Key TradeKey.com was established in 2005 with the aim to facilitate global trade and bring buyers and sellers from all around the world to one common platform. TradeKey.com is the world's leading marketplace which connects traders with worldwide wholesalers, buyers, importers & exporters, manufacturers and distributors in over 220 countries,......
  • What You Have To Know About Search Engine Optimization In the world where some millions of internet users access all the needed information through search engines it becomes very necessary for absolutely every business to have their own websites features in the top listing on a search engines or in other case they could end up losing large part......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site