From mboxrd@z Thu Jan 1 00:00:00 1970 From: Markus Friedl To: 9fans@cse.psu.edu Subject: Re: [9fans] SSH Version2 Message-ID: <20021007170035.GA18143@faui02> References: <3615866249e25a424b3aa6af9c3b8dbe@plan9.bell-labs.com> <20021007125129.GA25505@faui02> <20021007160236.GA4066@thefrayedknot.armory.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20021007160236.GA4066@thefrayedknot.armory.com> User-Agent: Mutt/1.4i Date: Mon, 7 Oct 2002 19:00:35 +0200 Topicbox-Message-UUID: ffdd76f6-eaca-11e9-9e20-41e7f4b1d025 On Mon, Oct 07, 2002 at 09:02:36AM -0700, Andrew wrote: > On Mon, Oct 07, 2002 at 02:51:29PM +0200, Markus Friedl wrote: > > On Mon, Oct 07, 2002 at 10:42:38AM +0000, Jeff Sickel wrote: > > > Russ Cox wrote: > > > > our ssh client only does ssh1. > > > > > > yikes, does that mean Plan9 is subject to the ssh1 problems other systems are > > > warned not to pursue (via switching to ssh2)? > > > > what protocol 1 problems? > ever heard of ettercap? sure. but it's not really related to ssh protocol version 1. > the ultimate in script kiddie packet sniffing > technology? it can break ssh1. > http://ettercap.sourceforge.net/ it does not apply to ssh protocol 1 only. it applies to version 2 and (to some degress) ssl, too. it just implements a MITM attack. -m