[Home] [Groups] - Message: [Prev in Group] [Next in Group]

nu.kanga.list.mud-dev

28930: Re: [MUD-Dev] SSH Encryption on data stream

[Full Header] [Plain Text]
From: J C Lawrence <claw@kanga.nu>
Newsgroups: nu.kanga.list.mud-dev
Date: Sat, 11 Oct 2003 23:35:41 -0400
References: [1]
Organization: Kanga.Nu
On Fri, 10 Oct 2003 14:15:57 -0400 (EDT) 
Craig H Fry <Craig> wrote:

> So many games are plagued by packet sniffers I often wondered why more
> companies didn't do a per-session SSH encryption on the data stream.

What threat model are you attempting to solve?

  Soft-Ice or similar debugger applied to localhost will compromise the
  local keys or uncrypted data, rendering the stream wide-open.

  Threads from man-in-the-middle attacks on MUD services as yet have not
  been a notable problem.

--
J C Lawrence                
---------(*)                Satan, oscillate my metallic sonatas. 
claw@kanga.nu               He lived as a devil, eh?		  
http://www.kanga.nu/~claw/  Evil is a name of a foeman, as I live.

_______________________________________________
MUD-Dev mailing list
MUD-Dev@kanga.nu
https://www.kanga.nu/lists/listinfo/mud-dev