Security Basics mailing list archives

RE: SSL and TCP RST/SYN attack

From: Ben Eisel <Ben.Eisel () computershare com au>
Date: Thu, 24 Sep 2009 09:25:44 +1000

Your scenario is to vulnerability as to me not getting out of bed is to destiny.

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of David Zhang
Sent: Monday, 21 September 2009 2:30 AM
To: security-basics () securityfocus com
Subject: SSL and TCP RST/SYN attack

Hi all:
I would like to ask a question about SSL. Consider the situation that
a man in the middle. Because he can always fake TCP RST/SYN packet, so
he can always block the client to get service from the https server.

So can I say that this is an intrinsic vulnerable in SSL, as
considering the situation that the attacker is in the same LAN with
the client, the attacker can always block the client to reach his
server (say on-line banking)?

Thanks
David

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


---
This email and any files transmitted with it are solely intended for the use of the addressee(s) and may contain 
information that is confidential and privileged.  If you receive this email in error, please advise us by return email 
immediately.  Please also disregard the contents of the email, delete it and destroy any copies immediately.
Computershare Limited and its subsidiaries do not accept liability for the views expressed in the email or for the 
consequences of any computer viruses that may be transmitted with this email.
This email is also subject to copyright.  No part of it should be reproduced, adapted or transmitted without the 
written consent of the copyright owner.


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

Current thread:

SSL and TCP RST/SYN attack David Zhang (Sep 23)
- Re: SSL and TCP RST/SYN attack Shreyas Zare (Sep 28)
- Re: SSL and TCP RST/SYN attack Radmilo Racic (Sep 28)
- Re: SSL and TCP RST/SYN attack Fabien Vincent (Sep 28)
- RE: SSL and TCP RST/SYN attack David Gillett (Sep 28)
- RE: SSL and TCP RST/SYN attack Ben Eisel (Sep 28)