Nmap Development mailing list archives
Re: ssl-cert.nse
From: "Norris Carden" <ncarden () ascendfcu org>
Date: Fri, 2 Apr 2010 14:40:03 -0500
I'm looking for a way to determine if a SSL proxy is in place between a system and the web server. I believe the Bluecoat proxy replaces the server SSL certificate with an internal corporate one, but there are man-in-the-middle techniques that forge a certificate practically identical to the one from the server. Can you think of a way this ssl-cert.nse could be used to determine if the certificate is coming from the same address as the web server? Might this also be able to determine if the host side is using a SSL proxy? Is there another script or method that will accomplish this? Thanks, Norris Carden, CISSP, CISA _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: ssl-cert.nse Norris Carden (Apr 02)
- Re: ssl-cert.nse Brandon Enright (Apr 02)
- Re: ssl-cert.nse David Fifield (Apr 02)