[SATLUG] OT: Router-related question

Tweeks tweeksjunk2 at theweeks.org
Sat Feb 13 17:03:46 CST 2010


On Wednesday 10 February 2010 10:19:59 pm Bruce Dubbs wrote:
> Henry Pugsley wrote:
> > There are several appliances that proxy HTTPS by basically doing a
> > man-in-the-middle attack that is virtually undetectable in the browser.

I wouldn't call it an "Attack".  They're simple the termination point for the 
SSL session setup.. gaining access to the symmetric encryption key.


> > If Cisco and RSA can figure it out, so can a dedicated cracker fishing
> > for bank accounts.

As they say for realestate..
Location, Location location.. ;)


> > Combine DNS spoofing and an SSL attack and your browser will happily show
> > a green padlock for any valid SSL certificate.

This is why I run my own DNS.. via "." :)

Never trust someone else's DNS.

Tweeks



More information about the SATLUG mailing list