[SATLUG] OT: Router-related question
bruce.dubbs at gmail.com
Wed Feb 10 22:19:59 CST 2010
Henry Pugsley wrote:
> There are several appliances that proxy HTTPS by basically doing a
> man-in-the-middle attack that is virtually undetectable in the browser. If
> Cisco and RSA can figure it out, so can a dedicated cracker fishing for bank
> Combine DNS spoofing and an SSL attack and your browser will happily show a
> green padlock for any valid SSL certificate.
Yes, the browser will but ssh won't.
> DNS is not authenticated in any way and is cleartext.
Well it could be:
More information about the SATLUG