Next
Previous
Contents
- hoax #1 : use sshv2
- today
only the v1 protocol have been implemented
- in the case of a
password authentication
:
- sshv2 is
as vulnerable as
sshv1
- private versions have / will be implemented
- hoax #2 : use compression in ssh
- today
compression haven't been implemented yet
- which may prevent the attacker to monitor the session and to hijack it
- but not to catch the password
- private versions have / will be implemented
Next
Previous
Contents