[linux-elitists] Notable confluence of security issues

Seth David Schoen schoen@loyalty.org
Fri Jun 15 11:21:33 PDT 2001


(I started thinking about this as a result of a conversation on
lnx-bbc about including dsniff and some others of Dug Song's tools on
our new bootable CD:

http://www.monkey.org/~dugsong/dsniff/

These tools include arpspoof and dnsspoof, which facilitate active
attacks, and webmitm and sshmitm, which implement them (against HTTPS
and SSH, respectively).  arpspoof apparently also allows you to sniff
effectively on a switched network (although presumably many switched
networks can be configured to prevent this).

So, this is very interesting with regard to 802.11 networks.  People
have been able to get onto other people's 802.11 networks anonymously,
and the 802.11 crypto like WEP was supposed to deter this, if you
bothered to set it up, but now WEP has been broken, too.

OK, so people have been told that, if they do use 802.11, with or
without WEP, they need to use some crypto like SSH because people can
spy on them.

But with arpspoof, dnsspoof, and sshmitm, the _only_ thing now
protecting people using SSH over 802.11 is the SSH host key.  (Now,
this the design of SSH, but there are relatively few places where
people have actually been forced to rely on this in the past, and most
SSH users have not actually learned to check host keys.)

So it's now possible for someone to come and anonymously get on an
802.11 network, sniff it (breaking WEP), and then impersonate a DNS
server and an SSH server, performing an active man-in-the-middle
attack.  Someone using SSH over 802.11 will probably _only_ see a
regular "It is possible that someone is doing something nasty"
message, to which, unfortunately, it's likely that SSH users have
become accustomed, and which isn't particularly frightening to most of
them.

If they say "yes", the impostor will have the ability to spy upon and
even to control the session, not to mention getting the user's
password.  There will be _almost_ no evidence of what's happened,
afterward, except that the IP address the user connected from won't be
the user's laptop's actual IP address, but the IP address presumably
assigned to another, similar laptop.

The interesting thing is that this might be the first time that people
can't rely either on physical security or on the mere fact of using
cryptography (WEP, SSH) to protect their connections.  They actually
have to check host keys, because the correctness of the host key is
the last and only line of defense against this combination of attacks.

Yes, man-in-the-middle attacks have been possible for quite a while,
but generally they've required physical access to a network.  Now a
practical man-in-the-middle can be pulled off by someone driving by in
a car, passing by on a train (better be quick about it...), or even by
a laptop left sitting all by itself in a corner of a building which
isn't even the same building which contains the client and server.

There have been lots of articles about what kinds of things people
have been able to see by sniffing on 802.11 networks in the Bay Area.
And these people aren't even breaking WEP, never mind breaking WEP and
doing an MITM.

It's urgently necessary that people who use 802.11 for any sensitive
applications not only use cryptography but also learn to check host
keys.  Otherwise their communications may be _less_ secure than a
cleartext transmission across an unswitched Ethernet.  There, at
least, "you must be present to win".

-- 
Seth David Schoen <schoen@loyalty.org>  | And do not say, I will study when I
Temp.  http://www.loyalty.org/~schoen/  | have leisure; for perhaps you will
down:  http://www.loyalty.org/   (CAF)  | not have leisure.  -- Pirke Avot 2:5



More information about the linux-elitists mailing list