[icecast] a new directory service

Allen Landsidel all at biosys.net
Thu Oct 18 03:34:37 UTC 2001



At 08:57 PM 10/17/2001 -0600, you wrote:
> > A fully-encrypted connection would nearly eliminate the possibility of a
> > man-in-the-middle attack either hijacking the session or surreptitiously
> > switching bits mid-stream and changing the traffic on the fly.
>
>A man-in-the-middle attack is not easy to pull off.  If you can show me
>why some person would be incented to attack someone like this, then
>maybe there is a case for it.

I have (of course) two things to add here.. ;)

#1 To the first fella.. encrypted data transfer does not prevent a man in 
the middle attack if there is any kind of authentication going on.  At some 
point the client and server have to trade keys.  At this point the data can 
be snooped (in the case of an exchange of plaintext, passwords for 
instance) or hijacked (in the case of something like Diffie-Hellman).  The 
only way to really stop a MitM attack is to use some form of public key 
cryptography, and verify that you have the correct key through multiple, 
independent sources.. say call Jack on the phone and verify the key 
fingerprint; this is only truly secure however if you know Jack's voice and 
can be sure he doesn't have a gun to his head.. ;)

#2 To Jack.. Anyone who has an interest in promoting their station above 
others has an interest in this.  If they can either (as currently) lie 
about listener counts to rocket to the top of the list, or (in a listener 
count-less system) do something like hijack or fake out other connections 
to say.. blank out the correct URL, or update the server with meaningless 
data, they'll do it.
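
The fingerprint check described in #1, as an added example that is not part of the original post: a client accepts a Diffie-Hellman public value only if it matches a fingerprint obtained over a second channel. The group parameters `P` and `G` are toy values and all function names are assumptions made for this sketch.

```python
import hashlib
import hmac
import secrets

# Toy parameters for illustration only (assumed here, not from the post):
# 2**127 - 1 is prime, but real systems use 2048-bit+ groups or elliptic curves.
P = 2**127 - 1
G = 3

def keypair():
    """Return (private, public) for one Diffie-Hellman participant."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def shared_secret(my_priv, peer_pub):
    return pow(peer_pub, my_priv, P)

def fingerprint(pub):
    """Short digest of a public value, in groups that are easy to read aloud."""
    digest = hashlib.sha256(pub.to_bytes(16, "big")).hexdigest()[:32]
    return ":".join(digest[i:i + 4] for i in range(0, 32, 4))

def verify_peer(arrived_pub, fp_out_of_band):
    """Accept a key only if it matches the fingerprint from the second channel."""
    return hmac.compare_digest(fingerprint(arrived_pub), fp_out_of_band)

def run_exchange(server, client, arrived_pub, fp_out_of_band):
    """Client's view of one exchange: returns (key_accepted, secrets_match)."""
    srv_priv, _ = server
    cli_priv, cli_pub = client
    accepted = verify_peer(arrived_pub, fp_out_of_band)
    match = shared_secret(cli_priv, arrived_pub) == shared_secret(srv_priv, cli_pub)
    return accepted, match

if __name__ == "__main__":
    server, client, other = keypair(), keypair(), keypair()
    fp = fingerprint(server[1])  # read to the client over the phone
    # Genuine key arrives: accepted, and both ends derive the same secret.
    print("genuine:    ", run_exchange(server, client, server[1], fp))
    # A different key arrives in its place: the fingerprint check rejects it,
    # and without the check the two ends would silently disagree on the secret.
    print("substituted:", run_exchange(server, client, other[1], fp))
```

The check is only as strong as the second channel: the fingerprint has to reach the client by a path the network between client and server cannot alter.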
