encrypt authentication credentials with payload in the clear?

James Dennis jdennis at law.harvard.edu
Wed Mar 5 03:41:25 EST 2003


Ben Lindstrom wrote:
> 
> On Mon, 3 Mar 2003, Scott Bolte wrote:
> 
> 
>>On Mon, 03 Mar 2003 09:45:05 -0500, James Dennis wrote:
>>
>>>Shouldn't the IDS be detecting known attacks, not ssh traffic?
>>
>>	Their concern is that the traffic, which will be remote
>>	service commands by the way, is completely opaque to them.
>>	They feel they need to monitor the internals to make sure
>>	it is appropriate traffic and not an unknown 3rd party using
>>	the cloak of encryption to hide inappropriate actions.
>>
> 
> 
> Stupidity comes in many forms.  By weakening their security they think
> they are improving it.  I would never go near such a company.  I'm sure
> anyone with any amount of common sense can outsmart any NIDS system on the
> face of the earth.

Amen.

-James




More information about the openssh-unix-dev mailing list