[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] SSL Filtering

To: John Sec <john_sec_lists@hotmail.com>
Subject: Re: [Full-Disclosure] SSL Filtering
From: Blue Boar <BlueBoar@thievco.com>
Date: Fri, 17 Oct 2003 11:57:21 -0700

Is there a way to detect if this MITM is being performed?

The one method I'm familiar with for how to accomplish this with SSL involves installing keys for a company CA in the users' browsers. (The SSL MITM box resigns the keys, and as long as the key is trusted by the user, no dire error messages occur.) If you were paying attention, you could check that the signing CA had changed.

BB

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] SSL Filtering
  - From: Brian Hatch <full-disclosure@ifokr.org>

References:
- Re: [Full-Disclosure] SSL Filtering
  - From: "John Sec" <john_sec_lists@hotmail.com>

Prev by Date: Re: [Full-Disclosure] Application level firewall
Next by Date: RE: [Full-Disclosure] Strange netcat behavior
Previous by thread: Re: [Full-Disclosure] SSL Filtering
Next by thread: Re: [Full-Disclosure] SSL Filtering
Index(es):
- Date
- Thread