No subject


Sun Jun 2 12:36:39 EDT 2013


save the key, blah.

The keys are identical regardless if I connect to my 7.x server at home work
or from home.  This makes me feel good.  My understanding is if there is a
"man in the middle" sniff-type-device at work which intercepts my ssh
traffic and forwards it to home all the while storing the unencrypted data
in the middle my keys would be different than if I connect to my home 7.x
server directly.  Correct?

When I check my netstat (netstat -a) on my home 7.x machine I see that I'm
connected to a very odd address inbound which is the following address:
21.41.51.152-in-addr.arpa

152.51.41.21 is my work IP address (not really, but let's pretend for the
sake of argument) so it's fairly clear that my work network is doing
something to my outbound traffic to get a weird network address showing up
in my netstat table like that - but I go back to my keys I get from
connecting via work and check them against my keys from connecting on the
home net and they are the same.  Oh - and if I fail a login on purpose and
check my messages log the hostname from the originating machine (as it
appears on my home 7.x server) is 21.41.51.152-in-addr.arpa.

Does this seem overly weird to anyone else besides me?

Oh - traffic between my home box and my PCI card in my desktop all shows
that is is ssh when I check it with EtherPeek - if that helps.  Sould I be
concerned about this weird network address showing up in my netstat tables
or should I just relax because the keys are the same regardless if I connect
from work or home?

Greg




More information about the TriLUG mailing list