Security Basics mailing list archives
Re: filter ssl traffic
From: "Vladimir B. Kropotov" <slyman2000 () mail ru>
Date: Thu, 27 Nov 2003 15:37:45 +0300
----- Original Message ----- From: "Burton M. Strauss III" <BStrauss () acm org> To: <security-basics () securityfocus com> Cc: "Vladimir B. Kropotov" <slyman2000 () mail ru>; "zidan" <zidan00 () fastmail fm> Sent: Monday, November 24, 2003 11:42 PM Subject: RE: filter ssl traffic
What you might want to do is create an ssl proxy. Then users create an ssl connection to the proxy and the proxy creates a connection to the remote site. That gives the proxy machine visibility of the unencrypted data. Don't know if such a beast exists as freeware - search the web for 'transparent ssl proxy' - you'll find some interesting reading and a commercial product or two that might meet your needs. -----Burton
I think it's look like a some kind of man-in-the-middle attack. You Must Use Users PRIVATE keys to emplement this. It means you violate the ideology in that kind of cryptography. --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- filter ssl traffic zidan (Nov 17)
- Re: filter ssl traffic Vladimir B. Kropotov (Nov 24)
- RE: filter ssl traffic Burton M. Strauss III (Nov 25)
- Re: filter ssl traffic Phil Brammer (Nov 25)
- Re: filter ssl traffic Vladimir B. Kropotov (Nov 27)
- Re: filter ssl traffic Byron Sonne (Nov 27)
- RE: filter ssl traffic Corey Scott (Nov 28)
- RE: filter ssl traffic Burton M. Strauss III (Nov 25)
- Re: filter ssl traffic Vladimir B. Kropotov (Nov 24)