List:       nessus
Subject:    Re: Fwd: .mudge gets worked up about security scanners ;)
From:       Andre Delafontaine <andre.delafontaine () echostar ! com>
Date:       1998-12-07 16:50:52

< snip >

> >>> that they shouldn't have done the XOR scheme to begin with when the
> >>> purpose of the communications between the client and server are "lists" of
> >>> vulnerabilities on said machines. Not something you want advertised to
> >>> anyone passively monitoring.
> >>
> >>Well... Nessus doesn't even XOR the data sent to the client. So, yes,
> >>it is affected by this flaw (but everyone knows it)
> > [snip]
> >
> > The XOR joke looks too silly, to me. I told you about the client/server
> > encryption status, the other day. It will provide a publicly available
> > interface for strong encryption together with the ciphers (BTW, I'm working
> > on the cbc layer, just now).

Hello.

What am I missing here? If someone can spy on the network, he either has

1) physical access to the network and plugs in a host;
2) privileged access on a legitimate host;
3) is running a D level security type host (DOS, Windows 95, ...).

In any of the previous cases, he can run Nessus or some other security
software himself and gather whatever data he wants, although his own
traffic may be noticed.

He could also log responses from the legitimately probed hosts and get a
feeling for the vulnerabilities from there as that traffic can't be
encrypted.

If Nessus client -> server traffic really needs to be hidden, why not
use the Unix socket option in include/config.h rather than the inet
socket or use ssh to encrypt X traffic if server and client display
can't be run on the same host?


Andre, trying to understand.
-- 
Ban the bomb.  Save the world for conventional warfare.

delaand.no_spam@hotmail.com              \  Remove '.no_spam'
andre.delafontaine.no_spam@echostar.com  /  before replying.

 PGP fingerprint: F804 FE50 02B5 0302  F687 C78D F92E B858
