Re: ssh warning about man in middle attack

From: Ident (Ident@bigfoot.com)
Date: 09/22/02


From: Ident <Ident@bigfoot.com>
Date: Sun, 22 Sep 2002 06:21:08 +0400


Paul wrote:

> "ABN" <n@niworld.com> wrote in message
> news:9uhb9.5373$z21.1265237@news20.bellglobal.com...
> > Hi everyone,
> >
> > I went to connect to a machine using ssh to check on email, and for the
> > first time, I got the following message:
> >
> > ---------------------------------------
> > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> > @ WARNING: HOST IDENTIFICATION HAS CHANGED! @
> > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> > IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
> > Someone could be eavesdropping on you right now (man-in-the-middle
> attack)!
> > It is also possible that the host key has just been changed.
> > Please contact your system administrator.
> > ----------------------------------------
>
> It is also possible that the O/S on the machine you are connecting to has
> been reinstalled. I have seen this before when the target machine has
> reformatted/reinstalled after some other problem. Perhaps the system admin
> at that site could shed some light on the subject.
>
> PD

Hope you can read up on The Man IN The Middle/
Thois probably the meanest thing a malicious hacker can do IMO.
Tracker