Vulnerability Development mailing list archives
Re: SSL & IDS
From: Ng Pheng Siong <ngps () POST1 COM>
Date: Sat, 2 Sep 2000 16:49:21 +0800
On Fri, Sep 01, 2000 at 09:36:34AM +0200, Mikael Olsson wrote:
> You'll likely have to terminate the SSL connection on a reverse proxy machine in front of the web server and do your IDS sniffing after that reverse proxy.

This seems a popular suggestion. Given the usual statistic that 80% (or 90% or whatever) of security compromises are internal jobs, deliberately terminating your SSL early and then having your app talk in the clear over your internal network is more dangerous than it is useful, IMHO.

Cheers.

--
Ng Pheng Siong <ngps () post1 com> * http://www.post1.com/home/ngps