Full Disclosure mailing list archives
How to prevent HTTPS MitM
From: Luigi Rosa <lists () luigirosa com>
Date: Thu, 17 Jan 2013 21:56:53 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 If this message is offtopic, please excuse me. I was reading about Nokia HTTPS MitM. Many corporate firewall can MitM HTTPS for content inspection and many governments do this for their reasons. I was thinking: could it be possible to create a fake HTTPS stream to DoS the MitM attempt? Ciao, luigi - -- / +--[Luigi Rosa]-- \ Genetics explains why you look like your father, and if you don't, why you should. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iEYEARECAAYFAlD4ZZEACgkQ3kWu7Tfl6ZQy7QCgxrctsaiadgM4oxTEDVWViuE/ EEIAoKIm/uEj7HD56++cWg4L+m8RaIoP =9xLU -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- How to prevent HTTPS MitM Luigi Rosa (Jan 17)
- Re: How to prevent HTTPS MitM Jeffrey Walton (Jan 17)
- Re: How to prevent HTTPS MitM Jann Horn (Jan 18)
- Re: How to prevent HTTPS MitM gremlin (Jan 18)