Re: can openssh/logins be exploited this way?

From: Neil W Rickert (rickert+nn@cs.niu.edu)
Date: 01/19/03 

From: Neil W Rickert <rickert+nn@cs.niu.edu>
Date: 19 Jan 2003 20:35:05 GMT

"Andreas Bittner" <bittner@hotmail.com> writes:

>due to a typo i have come across an interesting domain: dnydns.org (instead
>of dyndns.org, the free dynamic dns service)

>...

>i was wondering if malicious people wouldnt set up domains and services like
>this, to collect account information and logs due to frequent typos of
>people on dynamic ips out there...

People who set up these kinds of domains often seem to be more
interested in peddling porn. [I haven't checked your particular
example, so I don't know what they are up to.]

>now that i have tried to login to this false ip with my user/pass several
>times, i wonder if i should rather change my account/password on my box
>now....

It wouldn't hurt.

My practice is to use public key authentication where possible.
Then, if I am unexpectedly asked for a password, I disconnect and
investigate. (Usually, it is because I did something dumb, such as
logging in from a shell that was not set to talk to ssh-agent).

>can anyone tell if that sshd on that ip is for real... can somone fake it?
>and could just somehow collect the login/password data?

Whenever you log into a system you do not trust, there is a risk that
the password you used for that login was compromised.

Relevant Pages

  • Re: Setting up IP address on XP RD
    ... assigned IP from my ISP and my solution is to use No-IP.com a free dynamic DNS service. ... I setup a fully qualified domain name and call my home LAN using that. ...
    (microsoft.public.windowsxp.work_remotely)
  • Re: Linksys NAS200 Network Storage adapter
    ... Richard in Va. ... Or, you could go with a free dynamic DNS service, such as DynDNS or one of the others mentioned here: http://www.technopagan.org/dynamic/#TheList. ...
    (microsoft.public.windowsxp.network_web)