Educause Security Discussion mailing list archives
Re: SKYPE - What's the latest in terms of Risk...
From: Tristan RHODES <tristanrhodes () WEBER EDU>
Date: Thu, 20 Dec 2007 09:34:46 -0700
Sounds like a great way to get your users in the habit of accepting invalid certificates.

Tristan Rhodes
Weber State University

On Thu, 2007-12-20 at 09:46 -0500, Mike Corcoran wrote:
> Scott Koger wrote:
>> As long as the application continues to use encryption for the traffic, there is no way to inspect the traffic (huge hole for unintended data leakage)
>
> Not True, at least in general. The new firewall from PaloAlto Networks decrypts SSL traffic by doing a man-in-the-middle attack, and allows you to filter even on encrypted traffic. I don't know if there are any issues with Skype's SSL implementation, but PaloAlto gave me the impression that they could decode most if not all SSL implementations. They have not cracked ssh yet, but they are working on it. We plan to evaluate PaloAlto's product early next year.
>
> Mike