encrypt authentication credentials with payload in the clear?
James Dennis
jdennis at law.harvard.edu
Wed Mar 5 03:41:25 EST 2003
Ben Lindstrom wrote:
>
> On Mon, 3 Mar 2003, Scott Bolte wrote:
>
>
>>On Mon, 03 Mar 2003 09:45:05 -0500, James Dennis wrote:
>>
>>>Shouldn't the IDS be detecting known attacks, not ssh traffic?
>>
>> Their concern is that the traffic, which will be remote
>> service commands by the way, is completely opaque to them.
>> They feel they need to monitor the internals to make sure
>> it is appropriate traffic and not an unknown 3rd party using
>> the cloak of encryption to hide inappropriate actions.
>>
>
>
> Stupidity comes in many forms. By weakening their security they think
> they are improving it. I would never go near such a company. I'm sure
> anyone with any amount of common sense can outsmart any NIDS system on the
> face of the earth.
Amen.
-James
More information about the openssh-unix-dev
mailing list