[SATLUG] OT: Router-related question
tweeksjunk2 at theweeks.org
Sat Feb 13 17:03:46 CST 2010
On Wednesday 10 February 2010 10:19:59 pm Bruce Dubbs wrote:
> Henry Pugsley wrote:
> > There are several appliances that proxy HTTPS by basically doing a
> > man-in-the-middle attack that is virtually undetectable in the browser.
I wouldn't call it an "Attack". They're simple the termination point for the
SSL session setup.. gaining access to the symmetric encryption key.
> > If Cisco and RSA can figure it out, so can a dedicated cracker fishing
> > for bank accounts.
As they say for realestate..
Location, Location location.. ;)
> > Combine DNS spoofing and an SSL attack and your browser will happily show
> > a green padlock for any valid SSL certificate.
This is why I run my own DNS.. via "." :)
Never trust someone else's DNS.
More information about the SATLUG