[MUD-Dev] SSH Encryption on data stream

J C Lawrence claw at kanga.nu
Sat Oct 11 23:35:41 New Zealand Daylight Time 2003


On Fri, 10 Oct 2003 14:15:57 -0400 (EDT) 
Craig H Fry <Craig> wrote:

> So many games are plagued by packet sniffers I often wondered why more
> companies didn't do a per-session SSH encryption on the data stream.

What threat model are you attempting to solve?

  Soft-Ice or similar debugger applied to localhost will compromise the
  local keys or uncrypted data, rendering the stream wide-open.

  Threads from man-in-the-middle attacks on MUD services as yet have not
  been a notable problem.

--
J C Lawrence                
---------(*)                Satan, oscillate my metallic sonatas. 
claw at kanga.nu               He lived as a devil, eh?		  
http://www.kanga.nu/~claw/  Evil is a name of a foeman, as I live.

_______________________________________________
MUD-Dev mailing list
MUD-Dev at kanga.nu
https://www.kanga.nu/lists/listinfo/mud-dev



More information about the MUD-Dev mailing list