Educause Security Discussion mailing list archives

Re: paloalto firewall

From: Mark Boolootian <booloo () UCSC EDU>
Date: Thu, 20 Dec 2007 12:07:45 -0800

You can achieve these 3 requirements with an active method were you
install a certificate authority certificate on all your client machines
that the proxy server will use with satisfies A.


I assume this means the client machines are compromised, in which
case I'm not sure I see any value in bothering with the mitm attack.
You already own the machine.

Current thread:

Re: paloalto firewall Mike Corcoran (Dec 20)
- <Possible follow-ups>
- Re: paloalto firewall Alex (Dec 20)
- Re: paloalto firewall Jeff Holden (Dec 20)
- Re: paloalto firewall Mark Boolootian (Dec 20)
- Re: paloalto firewall Valdis Kletnieks (Dec 20)
- Re: paloalto firewall Chris Edwards (Dec 21)
- Re: paloalto firewall Jeff Holden (Dec 21)
- Re: paloalto firewall Gene Spafford (Dec 21)