Description
This article is from the SSH - Secure Shell FAQ, by Thomas Koenig Thomas.Koenig@ciw.uni-karlsruhe.de with numerous contributions by
others.
2.3. What kinds of attacks does ssh protect against?
SSH protects against:
o IP spoofing, where a remote host sends out packets which pretend to
come from another, trusted host. Ssh even protects against a
spoofer on the local network, who can pretend he is your router to
the outside.
o IP source routing, where a host can pretend that an IP packet comes
from another, trusted host.
o DNS spoofing, where an attacker forges name server records
o Interception of cleartext passwords and other data by intermediate
hosts.
o Manipulation of data by people in control of intermediate hosts
o Attacks based on listening to X authentication data and spoofed
connection to the X11 server.
In other words, ssh never trusts the net; somebody hostile who has
taken over the network can only force ssh to disconnect, but cannot
decrypted or play back the traffic, or hijack the connection.
The above only holds if you actually use encryption. Ssh does have an
option to use encryption of type "none" this is only for debugging
purposes, and should not be used.
Continue to:
Share and Enjoy
Bookmark this story so others can enjoy it:
Tags
security, SSH, Secure Shell
