Re: SSH auto trust all host keys,how to?

Richard E. Silverman wrote:
"Chuck" == Chuck <skilover_nospam@xxxxxxxxxxxxxx> writes:


Chuck> Not all attacks come from outside your network. This idea is
Chuck> often overlooked.

Re-read:

>> ... This by itself won't help you unless the host you're trying to
>> spoof is on the same IP network as you, ....


Saw that the first time. I just wanted to emphasize a point that is
often overlooked. Most network and system admins spend 99% of their
efforts protecting against hi-tech external attacks when most successful
attacks are either low tech or internal.

Case in point is a guy I know who secured every aspect of his network
application with SSL - except for the printer used to print paychecks.
Wouldn't you know it that someone set up a packet sniffer on the
printer's subnet and was able to steal payroll info.

In another case, a company I used to work for hired a security auditor
who was able to get application passwords by very low-tech means. He
called the computer room posing as an irate executive who couldn't log
on, and someone just gave him the password over the phone. Needles to
say heads rolled (not mine).
.

Relevant Pages

  • A Network IPS Proposal (was Definition of Zero Day Protection)
    ... I did a research on Network IPS a while back when the ... > api gating layers and are continuing to greatly ... > implementations have detection properties for zero ... > day attacks. ...
    (Focus-IDS)
  • RE: Need help from a group of experts. I am not a network expert but I play one on tv.
    ... preventing file attachments alone won't stop all email attacks. ... Sonicwall is a good firewall...but any firewall depends on how well you ... I am not a network expert ... - Precisely Define and Implement Network Security ...
    (Security-Basics)
  • RE: Pre-Scanning for Marketing
    ... The controlling interest of the network has to have a inclination to secure ... vulnerabilities are easily and efficiently identified. ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Up to 75% of cyber attacks are launched on shopping carts, ...
    (Pen-Test)
  • Re: Biometrics
    ... I'd feel safer on an OS designed as such, not as a network client - ... the Internet is a world of strangers. ... Compare this Windows Vista: if someone ... lot of information about attacks from this data. ...
    (microsoft.public.security)
  • Re: How secure is SSL emails?
    ... > - Your remailer generates no traffic eventually delivered to mailboxes ... > messages could subscribe to a remailer network, ... These attacks have long been known, ... Bob decides to work on the designs that can be built, ...
    (sci.crypt)