[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: hijacked SSH sessions



There have been various TOR exit nodes that have been "behaving badly" lately (check the tor-talk list) .. some are doing frames, popups, etc .. there is a list of bad nodenames somewhere on that list (can't find it at hand..)

Personally, I wouldn't use any exit node in China .. use the ExcludeNodes part of your torrc.

~Mike.

Taka Khumbartha wrote:
today i have had several attempted "man in the middle" attacks on my SSH sessions.  i am not sure which exit node(s) i was using, but the MD5 hash of the fingerprint of the spoofed host key is:

4d:64:6f:bc:bf:4a:fa:bd:ce:00:b0:8e:c9:40:60:57

and it does not matter which host i connect to, the MD5 hash presented it always the same.

just a heads up