[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] FD / lists.grok.org - bad SSL cert

To: Valdis.Kletnieks@xxxxxx
Subject: Re: [Full-disclosure] FD / lists.grok.org - bad SSL cert
From: Tim <tim-security@xxxxxxxxxxxxxxxxxxx>
Date: Mon, 5 Jan 2009 13:29:52 -0800

> > How is that better, really?  Run tcpdump or ettercap...  Either of the
> > tools are off the shelf.
> 
> And if the site is using a self-signed cert, how does a 3rd party tcpdump
> manage to get a *decrypted* datastream?  Yes, you can still do traffic 
> analysis
> on the "X talked to Y with packet sizes A, B, and C" level, but you can't
> look at the data.


You're missing the point of my comment:

  Plaintext communication => use tcpdump

  Encrypted without a cert => use ettercap (or something similar)


Is there really a non-constant difference in difficulty?

tim

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] FD / lists.grok.org - bad SSL cert
  - From: Valdis . Kletnieks

References:
- [Full-disclosure] FD / lists.grok.org - bad SSL cert
  - From: Gary Wilson
- Re: [Full-disclosure] FD / lists.grok.org - bad SSL cert
  - From: James Matthews
- Re: [Full-disclosure] FD / lists.grok.org - bad SSL cert
  - From: Tim
- Re: [Full-disclosure] FD / lists.grok.org - bad SSL cert
  - From: Valdis . Kletnieks
- Re: [Full-disclosure] FD / lists.grok.org - bad SSL cert
  - From: Tim
- Re: [Full-disclosure] FD / lists.grok.org - bad SSL cert
  - From: Valdis . Kletnieks

Prev by Date: Re: [Full-disclosure] FD / lists.grok.org - bad SSL cert
Next by Date: Re: [Full-disclosure] Full-Disclosure wouldn't let me post this message
Previous by thread: Re: [Full-disclosure] FD / lists.grok.org - bad SSL cert
Next by thread: Re: [Full-disclosure] FD / lists.grok.org - bad SSL cert
Index(es):
- Date
- Thread