[vox] password stolen at linuxworld
Micah J. Cowan
vox@lists.lugod.org
Sun, 10 Aug 2003 18:05:01 -0700
On Sun, Aug 10, 2003 at 04:26:57AM -0700, Ryan Castellucci wrote:
> I suspect that my password was either sholder surfed (unlikely, it'd be hard
> to memorize....) or someone was runnning man-in-the-middle attacks, and
> forced an SSHv1 session to prevent a warning, simply prompting for a new key.
How would this be a vulnerability? I know that SSHv1 had some security
flaws, but the only ones I remember reading about were pretty tough to
successfully exploit.
Were you using a computer you owned? If not, it seems that by far the
most likely explanation would be a planted keystroke-recorder on the
client. If you were, think about whether anyone had access to it. Was
there *anything* you would have transmitted in the clear? *Exactly*
how did you access the server?
My sympathies
-Micah