ARP-spoofing defense
Andy Bradford
amb-plug at bradfords.org
Wed Mar 14 22:37:16 MDT 2007
Thus said Nicholas Leippe on Wed, 14 Mar 2007 12:53:10 PDT:
> I've always wondered about that. I search the man pages, and looked at
> the host key/files, but never figured out how to find the host's
> fingerprint to do this. I've thought about recording all of our
> server's fingerprints and publishing them somewhere/bringing them with
> me so I could verify them when I'm connecting from offsite.
How about you just put a known_hosts with all your host fingerprints in
it on your laptop before you connect from offsite? Hopefully offsite
doesn't mean connecting from public computer systems... All it takes is
one PC that you think can be trusted that has a keylogger running on it.
Andy
--
[-----------[system uptime]--------------------------------------------]
10:37pm up 3:42, 1 user, load average: 1.37, 1.42, 1.26
More information about the PLUG
mailing list