Date: Fri, 18 Mar 2005 11:31:08 +0000 From: Peter Risdon <peter@circlesquared.com> To: Dick Hoogendijk <dick@nagual.st> Cc: freebsd-questions <freebsd-questions@freebsd.org> Subject: Re: ssh security Message-ID: <1111145468.882.260.camel@lorna.circlesquared.com> In-Reply-To: <20050318112317.GA35516@lothlorien.nagual.st> References: <20050318112317.GA35516@lothlorien.nagual.st>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 2005-03-18 at 12:23 +0100, Dick Hoogendijk wrote: > I log in from a remote windows computer on my school using PuTTY w/ > ssh2. What I'd like to know is how *safe* is the login from this windows > machine? I mean, can my login to my FreeBSD server at home be > *monitored* by someone while I'm using this windows machine at work? > Can the keystrokes that I use *in* PuTTY be seen by anybody on this > windows network at work. If so, what can I do about it to be more safe? PuTTY using ssh establishes an encrypted tunnel between the client and the server, and this makes you pretty secure from network sniffing on the school network or elsewhere. However, keystrokes are a different matter - a keystroke monitoring program on your windows PC will grab keystrokes regardless of the application you're using. Such programs are not unknown... An attempted 220 million pound robbery in London was just attempted using keystroke monitoring software to get account numbers and passwords from an otherwise secure system. So if your windows machine is compromised, everything you do on it will be compromised, period. That's your point of vulnerability, IMHO. Peter.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1111145468.882.260.camel>