[icecast] a new directory service
all at biosys.net
Thu Oct 18 03:34:37 UTC 2001
At 08:57 PM 10/17/2001 -0600, you wrote:
> > A fully-encrypted connection would nearly eliminate the possibility of a
> > man-in-the-middle attack either hijacking the session or surreptitiously
> > switching bits mid-stream and changing the traffic on the fly.
>A man-in-the-middle attack is not easy to pull off. If you can show me
>why some person would be incented to attack someone like this, then
>maybe there is a case for it.
I have (of course) two things to add here.. ;)
#1 To the first fella.. encrypted data transfer does not prevent a man in
the middle attack if there is any kind of authentication going on. At some
point the client and server have to trade keys. At this point the data can
be snooped (in the case of an exchange of plaintext, passwords for
instance) or hijacked (in the case of something like Diffie-Hellman). The
only way to really stop a MitM attack is to use some form of public key
cryptography, and verify that you have the correct key through multiple,
independent sources.. say call Jack on the phone and verify the key
fingerprint; this is only truly secure however if you know Jack's voice and
can be sure he doesn't have a gun to his head.. ;)
#2 To Jack.. Anyone who has an interest in promoting their station above
others has an interest in this. If they can either (as currently) lie
about listener counts to rocket to the top of the list, or (in a listener
count-less system) do something like hijack or fake out other connections
to say.. blank out the correct URL, or update the server with meaningless
data, they'll do it.
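
The point made in #1, as an added example that is not part of the original post: an unauthenticated Diffie-Hellman exchange completes normally even when the public keys are swapped in transit, and comparing the key fingerprint over an independent channel is what detects the swap. The group parameters, function names and fingerprint format are assumptions made for this sketch.

```python
import hashlib
import secrets

# Toy group chosen for this example only; far too small for real use.
P = 2**127 - 1   # a Mersenne prime
G = 3

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def shared(priv, peer_pub):
    return pow(peer_pub, priv, P)

def fingerprint(pub):
    # Short, human-readable digest of a public key, suitable for reading aloud.
    digest = hashlib.sha256(pub.to_bytes(16, "big")).hexdigest()
    return ":".join(digest[i:i + 4] for i in range(0, 16, 4))

def exchange(intercepted):
    """Simulate one key exchange, optionally with the public keys replaced in transit."""
    c_priv, c_pub = keypair()
    s_priv, s_pub = keypair()
    if intercepted:
        # A party in the middle hands each end its own public key instead.
        _, m_pub = keypair()
        seen_by_client, seen_by_server = m_pub, m_pub
    else:
        seen_by_client, seen_by_server = s_pub, c_pub
    return {
        # Neither end can observe this value; both simply derive "a" key.
        "keys_agree": shared(c_priv, seen_by_client) == shared(s_priv, seen_by_server),
        "client_saw": fingerprint(seen_by_client),   # what arrived over the network
        "server_real": fingerprint(s_pub),           # what the server operator reads out
    }

def verify_out_of_band(result):
    # The independent check: the fingerprint received over the network must
    # match the one obtained through a separate channel (the phone call).
    return result["client_saw"] == result["server_real"]

if __name__ == "__main__":
    for intercepted in (False, True):
        r = exchange(intercepted)
        print(intercepted, r["client_saw"], r["server_real"], verify_out_of_band(r))
```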