mbrefa.blogg.se

Mosh vs ssh











Something to keep in mind while using MOSH. Although most of us use SSH to initiate the connection, MOSH doesn't require that to make it work (SSH only kicks off a new mosh-server on the server side and returns two values to the client side: port-# and 22-byte symmetric key). As such, if you get your hands on the two items the server produces, ANYONE can make use of your connection (that is, since it's not dependent on the source of the IP, if you have access to those two pieces of information, you effectively are the owner of the connection).

What this means is that there are basically a couple of attack surfaces to deal with.

1. The protocol itself and decrypting it "in-flight". This is highly unlikely for anyone other than possibly your government, your ISP, or someone in the same coffee shop as you. The cost to do that and the requirement to be inline with the transmission makes this highly unlikely (but not completely unheard of).

2. Attacking the open UDP port once the mosh-server is active. This is more likely and this is where the protocol needs more investigation. For instance, there already has been a proven DoS attack against the MOSH system (I don't know about hijacking yet). And of course if someone gets your symmetric key, they can probably guess the port pretty easily.

So, how to use this protocol with all these uncertainties? Well, you can limit via your iptables (or firewall, etc) where IP packets can come from or you can set up port knocking on the port to "wake it up" if something happens. Of course you can always leave it alone and just go with the general risk of an un-audited protocol. Personally, I use a port knocker (I know, lots of reasons this is a pain, insecure, problematic, etc) to block the 60000 addresses.
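
The iptables option mentioned above, sketched as an added example (not code from the original post): a script that prints rules accepting mosh's UDP ports only from an allow-list of sources and dropping everything else. The port range, the source addresses and the function names are assumptions; mosh's default server range is UDP 60000 to 61000, and `mosh -p PORT[:PORT2]` narrows it.

```shell
#!/bin/sh
# Added example: PRINT (not apply) iptables rules that confine mosh's UDP ports
# to an allow-list of IPv4 sources. Constructed sample values, not from the post:
MOSH_PORTS="60000:60010"   # narrowed range; start the client with: mosh -p 60000:60010 host
ALLOWED_SOURCES="198.51.100.0/24 203.0.113.7"   # documentation-range addresses

# Succeeds only for PORT or LO:HI with 1 <= LO <= HI <= 65535.
valid_ports() {
    case "$1" in *:*:*) return 1 ;; esac
    lo=${1%%:*}; hi=${1##*:}
    for p in "$lo" "$hi"; do
        case "$p" in ''|*[!0-9]*|??????*) return 1 ;; esac
    done
    [ "$lo" -ge 1 ] && [ "$hi" -le 65535 ] && [ "$lo" -le "$hi" ]
}

# Succeeds only for a dotted-quad IPv4 address with an optional /0../32 prefix,
# so nothing but digits, dots and one slash can reach the generated rule.
valid_source() {
    addr=${1%/*}; bits=32
    case "$1" in */*) bits=${1#*/} ;; esac
    case "$bits" in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$bits" -le 32 ] || return 1
    case "$addr" in *.) return 1 ;; esac
    oldifs=$IFS; IFS=.; set -f; set -- $addr; set +f; IFS=$oldifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in ''|*[!0-9]*|????*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
}

# mosh_rules PORTS SOURCE... : one ACCEPT per source, then DROP for everyone else.
mosh_rules() {
    ports=$1; shift
    valid_ports "$ports" || { echo "bad port range: $ports" >&2; return 1; }
    for src in "$@"; do
        valid_source "$src" || { echo "bad source: $src" >&2; return 1; }
    done
    for src in "$@"; do
        echo "iptables -A INPUT -p udp -s $src --dport $ports -j ACCEPT"
    done
    echo "iptables -A INPUT -p udp --dport $ports -j DROP"
}

# Word splitting of the allow-list is intentional here.
mosh_rules "$MOSH_PORTS" $ALLOWED_SOURCES
```

The script only writes the rules to standard output, so they can be reviewed before being run as root.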












