Mailing List Archive
Re: [tlug] SSH Issues
- Date: Tue, 25 Nov 2008 20:48:49 +0900
- From: Curt Sampson <cjs@example.com>
- Subject: Re: [tlug] SSH Issues
- References: <20081121111614.GA26444@lucky.cynic.net> <87abbtkxlo.fsf@xemacs.org> <20081124014523.GH17040@lucky.cynic.net> <87prklk32w.fsf@xemacs.org> <87myfpk1jh.fsf@xemacs.org> <20081124114512.GF25364@smtp.office.cynic.net> <87iqqdjeae.fsf@xemacs.org> <20081124234132.GD10406@lucky.cynic.net> <877i6sjx26.fsf@xemacs.org> <492B878C.5060909@bebear.net>
- User-agent: Mutt/1.5.17+20080114 (2008-01-14)
On 2008-11-25 14:05 +0900 (Tue), Edward Middleton wrote:

> I guess the question is whether it is worth using SSL at all in
> situations where self signed certificates are used. If you consider
> that a standard SSL certificate costs about $20 a year, and just running
> SSL requires significantly more system resources the benefits of running
> a non-authenticated server seem pretty minimal.

Also, consider that the lock icon provides people with a certain sense of unjustified security. There are folks out there who sincerely believe, without an appropriate analysis of the risks, that they are secure enough when using SSL with some random end-point simply because it's encrypted. This is the reason new versions of Firefox are now much more uptight about accepting self-signed certs.

On 2008-11-25 17:13 +0900 (Tue), Stephen J. Turnbull wrote:

> Of course. However, as Curt[1] correctly points out (and I missed his
> meaning), it's not just a matter of *you* running an authenticated
> server, it's a matter of me checking the certs and paying attention to
> warning from the TLS layer.

To be precise, he's not "running an authenticated server"; he, just like the bad guy attacking you, is merely running a server. It's you that's doing the authentication (or not, as the case may be).

> OTOH, my belief is that the students are quite capable (both morally
> and possibly technically[2]) of sniffing the ethernets, but not of
> suborning routers.

On the other hand, they don't really have any need to suborn the routers, or even touch them. So long as they can convince you that you're talking to the host you hope you are, they're set. Giving you bogus DNS records or changing the router you're using would both do the trick, neither would involve your university's routers in any way, and neither requires even enough access to the network to sniff it; any access to the physical layer at all will do, unless your switches are essentially configured as layer-2 firewalls.

There are further attacks; I leave these as an exercise for the reader.

> [2] Eg, although our wired nets are on switches, not hubs, which
> should be reasonably safe....

They're not terribly safe; see above.

> ...the other day I was surprised to discover I was connected via an open
> wireless network; for some reason my iBook "forgot" the preferred
> setting to the closed network in my office, maybe it glitched.

I see you've already started on the exercises!

On 2008-11-25 18:50 +0900 (Tue), Edward Middleton wrote:

> Obviously non-authenticated connection provides some utility in your
> situation but it is to security what a sheet of newspaper is to
> shelter.

I rather like that way of putting it.

cjs
--
Curt Sampson <cjs@example.com> +81 90 7737 2974
Mobile sites and software consulting: http://www.starling-software.com