ssh security
Peter Risdon
peter at circlesquared.com
Fri Mar 18 03:31:37 PST 2005
On Fri, 2005-03-18 at 12:23 +0100, Dick Hoogendijk wrote:
> I log in from a remote windows computer on my school using PuTTY w/
> ssh2. What I'd like to know is how *safe* is the login from this windows
> machine? I mean, can my login to my FreeBSD server at home be
> *monitored* by someone while I'm using this windows machine at work?
> Can the keystrokes that I use *in* PuTTY be seen by anybody on this
> windows network at work. If so, what can I do about it to be more safe?
PuTTY using ssh establishes an encrypted tunnel between the client and
the server, and this makes you pretty secure from network sniffing on
the school network or elsewhere. However, keystrokes are a different
matter - a keystroke monitoring program on your windows PC will grab
keystrokes regardless of the application you're using. Such programs are
not unknown... An attempted 220 million pound robbery in London was just
attempted using keystroke monitoring software to get account numbers and
passwords from an otherwise secure system.
So if your windows machine is compromised, everything you do on it will
be compromised, period. That's your point of vulnerability, IMHO.
Peter.
More information about the freebsd-questions
mailing list