[TAG] Design of a Protocol Monkey
Ben Okopnik
ben at linuxgazette.net
Thu Mar 8 22:10:55 MSK 2007
On Mon, Mar 05, 2007 at 10:38:14AM -0800, Kapil Hari Paranjape wrote:
> On Mon, 05 Mar 2007, Amit Kumar Saha wrote:
> > > Perhaps what is meant by a protocol monkey is an algorithm that has a
> > > way of intervening in a network protocol without the two endpoints
> > > noticing. The reference is to the Panchatantra story about the monkey
> > > and the two cats.
> >
> > How can we design one?
>
> Depends on the protocol. Here is how the one for SSH works.
>
> 1. Client tries to connect to the server. The monkey intercepts and
> relays.
>
> 2. The server sends its host key. The monkey intercepts and sents its
> own host key instead.
>
> 3. The user gets asked by the client "Are you sure this is the right
> key?" and a not-so-careful one accepts the monkey's host key in place
> of the server's host key.
>
> 4. From this point on all conversation between the client and host
> passes through the monkey who decrypts/modifies every bit.[*]
>
> Of course, for the monkey to work it needs to ensure that all
> network traffic between the client and server passes through it.
For more about this "monkey", as well as getting it off your back and
monkey-attack prevention, google for "MITM" or "Man In The Middle
Attack" - where you'll find out all about the lives of Alice, Bob, and
Carl (or Carol, or Cathy - or even Mallory. Who says geeks aren't
imaginative?)
Also, do note that the author of 'dsniff' "lives" at
'http://www.monkey.org/~dugsong/dsniff'. I wonder if that could be the
source of the original "monkey" comment by the professor?
--
* Ben Okopnik * Editor-in-Chief, Linux Gazette * http://LinuxGazette.NET *
More information about the TAG
mailing list