Re: [Nolug] last night's meeting

From: Randy Flood <stock_investor_guy_at_yahoo.com>
Date: Fri, 21 May 2004 14:35:39 -0700 (PDT)
Message-ID: <20040521213539.86006.qmail@web40105.mail.yahoo.com>

I didn't attend the meeting, so I don't know what the
exact discussion was about in terms of the "cyber
cafe". But, there is at least one point to consider.
 
If you use someone else's computer such as a computer
at Kinko's, the SSL encryption doesn't do you a whole
lot of good if someone has hacked the computer you are
using and installed an application to capture your
passwords. There have been several cases where this
has occured including one that I read about where the
same person was arrested for doing the same hack at
Kinkos after being released from jail for the crime of
doing the very same hack at Kinkos...

The other thing that SSL can be vunerable to if you
ignore the warnings that is, is an SSL
Man-in-the-middle attack. Your browser will warn you
about the certificate and ask you if you want to
continue. You have the option if you want to continue
or not. But, you may not realize that a
man-in-the-middle attack is going on because this
could also happen if the certificate is expired or
some people were too cheap to pay Verisign and
self-signed their certificates or whatever. So, you
may just have gotten used to clicking past these
warnings without even thinking about it. But, if you
do, then, you are opening yourself up to the risk of a
man-in-the-middle attack.
  
Randy

--- Simon Dorfman <EmailLists@SimonDorfman.com> wrote:
> On 5/21/04 9:44 AM, "Joey Kelly"
> <joey@joeykelly.net> wrote:
>
> > Things went well last night. Judson gave a
> demonstration of nmap and ethereal,
> > where we demonstrated that that all of the traffic
> passing on the wire can be
> > captured. We saw plaintext passwords, and we saw
> encrypted traffic. In answer
> > to a question, Judson explained how to secure our
> servers (don't run stuff
> > you don't need, and keep the things you do run
> updated, etc.).
> >
> > I then wrapped the meeting up by making the
> comment that since our data can be
> > sniffed, we ought to be extremely careful when
> sending any. For instance, if
> > we absolutely must check email at a cyber cafe, we
> need to put up a VPN (ssh
> > tunnels, or some other solution) first, to insure
> that no one grabs our
> > passwords. Worse still, our online bank account
> information, even though it's
> > protected by SSL, can often be decrypted, so doing
> that sort of thing when we
> > are not reasonably certain our traffic isn't being
> sniffed, is foolhardy.
>
> How exactly can a 128-bit SSL connection be
> decrypted?
>
> Simon
>
> ___________________
> Nolug mailing list
> nolug@nolug.org

=====
------------------------------------------------------
Randy Flood
Randy.Flood@RHCE2B.COM
http://www.rhce2b.com
------------------------------------------------------

        
                
__________________________________
Do you Yahoo!?
Yahoo! Domains – Claim yours for only $14.70/year
http://smallbusiness.promotions.yahoo.com/offer
___________________
Nolug mailing list
nolug@nolug.org
Received on 05/21/04

This archive was generated by hypermail 2.2.0 : 12/19/08 EST