IETF-SSH archive
Re: Which protocol is better, version 1 or 2? Advantages disadvantages?
On Sat, Feb 02, 2002 at 12:08:51PM +1100, Darren Reed wrote:
>
> The package I am referring to is:
>
> http://ettercap.sourceforge.net
So, I'm looking at the source code to that package. So far as I can tell,
it runs a pretty ordinary man-in-the-middle attack (it can also MITM the
SSL protocol). It appears that the only reason it doesn't currently work
with SSHv2 is that the authors didn't bother to write the code to encode/
decode v2 packets.
Yet.
Note that this kind of attack will trigger a "HOST KEY HAS CHANGED!" message
if run against a host you've already talked to. However, since, unlike SSL,
no SSH implementation I'm aware of can really interact with a real public-key
infrastructure, there is *NO WAY* you can avoid this kind of attack when
connecting to a host you've never talked to before. Again, this is v1/v2
independent; it is indicative of a severe flaw in the way SSH and similar
public-key-based protocols are used on the Internet: nobody wants to pay
for (or have the bother of using) root-signed certificates for all of their
machines, but without a way to validate a certificate you will always be
vulnerable to man-in-the-middle attacks. Frankly, I am very surprised it's
taken this long for a kit for attacking SSH to appear.
--
Thor Lancelot Simon tls%rek.tjls.com@localhost
But as he knew no bad language, he had called him all the names of common
objects that he could think of, and had screamed: "You lamp! You towel! You
plate!" and so on. --Sigmund Freud
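
The two outcomes described in the message above (a changed-key warning for a host already seen, and nothing to compare against on first contact), as an added example that is not part of the original post: a simplified Python check of a presented host key against an OpenSSH-style known_hosts file, including hashed host entries. Host names, the salt and the key blobs are constructed placeholders, and the matching ignores wildcards, ports and certificate markers.

```python
import base64, hashlib, hmac

def fingerprint(key_b64):
    """OpenSSH-style SHA256 fingerprint of a base64 public key blob."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def host_matches(pattern, host):
    """Match a known_hosts host field: hashed (|1|salt|mac) or comma-separated names."""
    if pattern.startswith("|1|"):
        _, _, salt_b64, mac_b64 = pattern.split("|")
        mac = hmac.new(base64.b64decode(salt_b64), host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(mac, base64.b64decode(mac_b64))
    return host in pattern.split(",")

def check_host_key(known_hosts_text, host, key_type, key_b64):
    """Return 'MATCH', 'CHANGED' or 'UNKNOWN' for the key a server presented."""
    seen_host = False
    for line in known_hosts_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0].startswith(("#", "@")):
            continue  # skip blanks, comments and @cert-authority/@revoked lines
        pattern, ktype, blob = fields[:3]
        if ktype != key_type or not host_matches(pattern, host):
            continue
        if hmac.compare_digest(blob, key_b64):
            return "MATCH"
        seen_host = True  # host is recorded, but with a different key
    # UNKNOWN means first contact: there is nothing local to validate against
    return "CHANGED" if seen_host else "UNKNOWN"

def _blob(label):  # constructed stand-in for a public key blob, not a real key
    return base64.b64encode(label.encode()).decode()

def _hashed(host, salt=b"constructed-salt-20by"):  # constructed salt
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())

KEY_A, KEY_B = _blob("constructed-key-A"), _blob("constructed-key-B")
KNOWN_HOSTS = "\n".join([
    "# constructed sample known_hosts",
    "alpha.example,192.0.2.10 ssh-ed25519 " + KEY_A,
    _hashed("beta.example") + " ssh-ed25519 " + KEY_A,
])

if __name__ == "__main__":
    for host, key in [("alpha.example", KEY_A), ("beta.example", KEY_B), ("gamma.example", KEY_B)]:
        print(host, check_host_key(KNOWN_HOSTS, host, "ssh-ed25519", key), fingerprint(key))
```

An `UNKNOWN` result is the case where the printed fingerprint has to be compared against a value obtained through some other trusted channel before the key is accepted.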