Re: SSL and TCP RST/SYN attack

[Shreyas Zare <shreyas () technitium com>]

Hi,

If an attacker is able to reset TCP connection then that would affect
all the protocols which use TCP for transport. So it has nothing to do
with SSL. There is no problem in SSL, it is only using TCP for
transport service.

Regards,

On Sun, Sep 20, 2009 at 9:59 PM, David Zhang <david.zhang1965 () gmail com> wrote:
> Hi all:
> I would like to ask a question about SSL. Consider the situation that
> a man in the middle. Because he can always fake TCP RST/SYN packet, so
> he can always block the client to get service from the https server.
>
> So can I say that this is an intrinsic vulnerable in SSL, as
> considering the situation that the attacker is in the same LAN with
> the client, the attacker can always block the client to reach his
> server (say on-line banking)?
>
> Thanks
> David


--
("If at first you don't succeed; call it version 1.0")

Shreyas Zare
Co-Founder, Technitium
eMail: shreyas () technitium com

..::< The Technitium Team >::..
Visit us at www.technitium.com
Contact us at theteam () technitium com

Join Sci-Tech News group and get the latest science & technology news
in your inbox. Visit http://tech.groups.yahoo.com/group/sci-tech-news
to join.

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------