Security Basics mailing list archives

Re: Checkpoint smart defense as IPS


From: Shreyas Zare <shreyas () secfence com>
Date: Mon, 7 Jun 2010 11:24:08 +0530

Hi Craig,

On Mon, Jun 7, 2010 at 3:25 AM, Craig S Wright
<craig.wright () information-defense com> wrote:
An RA is an internal CA, it is trusted by chaining. Please read up on this
before making arbitrary comments. Yes, there is a cost to this and I have
not commented on this as this will vary, but then a Checkpoint license is
also a cost.

Your talking about the costs involved in the interception is exactly
my point. To do this kind of attack, the attacker needs quite a lot of
resources.

You can do whatever is necessary to prove a MITM attack for the
challenge. It's not my concern; as far as I am concerned, I am just a
victim in this experiment.



On Sun, May 30, 2010 at 2:40 AM, Craig S. Wright
This is blatantly false. IDS, IPS, Wireshark even all have SSL decryption
capabilities. There is no requirement for a separate proxy.

You can use Wireshark, no problem!



Again, SSL is perceived by many as secure. So what? Security is not
perception. This is a point that you continue to miss.

Again, SSL is about privacy, not security. Privacy can be a part of a
security solution, but it is not security in itself.

SSL was designed to prevent eavesdropping and it works as designed.
While there are many types of attack scenarios possible, it's still
secure for use in e-commerce. It surely can't prevent users from social
engineering or vulnerabilities in their browser implementation.

Whatever point you put every time, I too know those technicalities. So
instead of discussing it further, I would like you to prove your point
with the practical experiment I had suggested. If there is something
that I really didn't know or understand then it would be a great thing
for me and many people on the list reading this.

As far as costs are concerned, you don't ask your victim to pay up for
the attack.


Regards,

Shreyas Zare

Sr. Information Security Researcher
Secfence Technologies
www.secfence.com


