I use an SSH tunnel for all of my internet usage. How secure is this? If someone looks at the packets, what can they tell? (apart from the destination..)
cheers
They can probably tell it's SSH and that's about it. SSH isn't as secure as everyone thinks though.
Last edited by Jay; 16-09-2009 at 08:53 AM.
□ΞVΞ□
tell that to the openbsd team!
throw new ArgumentException (String, String, Exception)
Nobody is interested in your internet traffic, really. That's rather paranoid. And from the end of your tunnel to the destination it's not encrypted unless you only visit SSL sites.
Lourdes has confused SSL with SSH.
SSH is an encryption system that uses well known (and secure) cryptographic techniques to protect the packet contents, but the packet headers are not encrypted so the source and destination addresses are in clear. SSH also provides an authentication procedure using PKI techniques, so unless you are likely to be specifically targeted, it is unlikely that your traffic can be decrypted - and provided you take appropriate precautions to protect your private key you should be OK.
I use SSH to remotely connect to my server - it is regularly attacked (although not, AFAIK, a directed attack), and so far it has protected me - but that is the authentication side.
If you haven't already done so, visit the SSH website (or Google SSH) and download the manuals. There are a number of configuration files (sshd.conf and ssh.conf are the two important ones) that you need to pay attention to, if only to understand the potential weaknesses of mis-configuration.
Like any security mechanism, it can be weakened by poor configuration or management.
http://www.openssh.com/manual.html
Last edited by peterb; 01-10-2009 at 07:29 AM.
(\__/)
(='.'=)
(")_(")
Been helped or just 'Like' a post? Use the Thanks button!
My broadband speed - 750 Meganibbles/minute
One of the biggest faults I have seen with sshd.conf and ssh.conf is incorrect security settings on the files.
Indeed - and as I mentioned in my post above, any security mechanism can be negated by poor configuration. However, the measures you impose and the effort you put into securing your system come down to a risk assessment - the likelihood of an attack, and the impact if it is successful, against the effort (and perhaps cost) of increasing the security posture to mitigate the risk.
One example is the configuration file line that allows or disallows password authentication. If you are using PKI authentication, this should be disabled - it is then ONLY possible to log in using the private key. But this is something you need to do manually! Look at the documents I linked to above! You need to consider how SSH will act in conjunction with other security mechanisms that may be in place (PAM for example). In most cases the default will be sufficient, but you should at least review it to be certain that the default is satisfactory.
Security is not a 'fit and forget' capability - at the very least the logs need monitoring, and the overall security policy and posture of the system needs periodic review. And this is true of any computer system regardless of operating system!
Last edited by peterb; 01-10-2009 at 07:38 AM.
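An added example, not part of any post in the thread: a minimal Python audit of an OpenSSH server configuration (sshd_config) for the two points raised above, password login left reachable (directly, through PAM keyboard-interactive, or inside a Match block) and configuration files writable by group or others. The sample configuration, finding labels and function names are constructed for illustration, and the defaults table assumes upstream OpenSSH defaults.

```python
import os
import stat

# Upstream OpenSSH defaults (assumed; distribution builds may differ).
DEFAULTS = {"passwordauthentication": "yes", "kbdinteractiveauthentication": "yes",
            "usepam": "no", "pubkeyauthentication": "yes"}
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}

# Constructed sample: passwords look disabled, but PAM and a Match block re-open them.
SAMPLE = """\
PasswordAuthentication no
UsePAM yes
PasswordAuthentication yes
Match User backup
    PasswordAuthentication yes
"""

def parse(text):
    """Return (global settings, Match-block settings); first global value wins, as in sshd."""
    seen, overrides, in_match = {}, [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        key = ALIASES.get(parts[0].lower(), parts[0].lower())
        value = parts[1].strip().strip('"').lower() if len(parts) == 2 else ""
        if key == "match":
            in_match = True          # everything after this line is conditional
        elif in_match:
            overrides.append((key, value))
        else:
            seen.setdefault(key, value)
    return {**DEFAULTS, **seen}, overrides

def audit(text):
    """List the ways a password login is still possible on a key-only server."""
    cfg, overrides = parse(text)
    findings = []
    if cfg["pubkeyauthentication"] != "yes":
        findings.append("pubkey-disabled")
    if cfg["passwordauthentication"] != "no":
        findings.append("password-enabled")
    if cfg["usepam"] == "yes" and cfg["kbdinteractiveauthentication"] != "no":
        findings.append("pam-keyboard-interactive")
    if ("passwordauthentication", "yes") in overrides:
        findings.append("password-enabled-in-match")
    return findings

def writable_by_others(path):
    """True if group or world can write the file (config file or private key)."""
    return bool(os.stat(path).st_mode & (stat.S_IWGRP | stat.S_IWOTH))
```

On a live host, `sshd -T` prints the effective configuration and is the authoritative check; this parser does not follow Include directives.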