Sniffing HTTPS and SSH
¨Security is built on a trust model of underlying public keys
–HTTPS server sends to browser a certificate containing server’s
public key signed by a Certificate Authority
–SSL connection uses a session key randomly generated by server to encrypt data between server and client
–With SSH, a session key is transmitted in an encrypted fashion using a private key stored on the server
¨ Dsniff takes
advantage of poor trust decisions made by a
clueless user via man-in-the middle attack
–Web browser user may trust a certificate that is not
signed by a trusted party
–SSH user can still connect to a server whose public key has changed