Firewall Wizards mailing list archives
RE: Security of HTTPS
From: "Paul D. Robertson" <paul () compuwar net>
Date: Sat, 27 Nov 2004 10:04:22 -0500 (EST)
On Fri, 26 Nov 2004, Servie Platon wrote:
1. How does the cracker hone in to attack a preferred network of choice? Do they just port scan the internet and once it finds one would do the MITM and pose as a legit web site?
It's called a "Man in the middle" attack for a reason, the attacker must be in the "middle" of the traffic flow.
2. Do they pose as legit web sites to unsuspecting users, or hiding in the guise of a famous web site but in fact doing a MITM attack?
That happens too, for instance, recently there's been a spate of Windows malware changing hosts file entries to get the site's traffic redirected to them, even if the user types the URL in their browser.
Most people now adays, make online transactions such as buying, selling and other e-commerce type of thing. After reading the whitepaper makes me think twice if it is really safe using HTTPS despite the guarantees being stated by such sites?
It's as safe as anything else, that is to say the risks have been minimized to the extent it's possible to do so without being over-infringing, but it could be done in a better way if there weren't so many competing interests.
Any tips, suggestions, as well as explanations as to how this is done and how to avoid such a thing from occuring would mean a lot so that we could limit the chances of being victimized in the future.
Keep the integrity of your client systems strong, make sure your DNS is good, make sure your routers are secure, use good clients, and track transactions and audit them. Generally, there are enough weak Web servers that MITM attacks aren't worthwhile, other than the redirection stuff I mentioned earlier. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions paul () compuwar net which may have no basis whatsoever in fact." _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: Security of HTTPS, (continued)
- RE: Security of HTTPS Frank Knobbe (Nov 27)
- Re: Security of HTTPS Ng Pheng Siong (Nov 28)
- Re: Security of HTTPS Frank Knobbe (Nov 28)
- Re: Security of HTTPS Ng Pheng Siong (Nov 28)
- Re: Security of HTTPS Frank Knobbe (Nov 28)
- RE: Security of HTTPS Frank Knobbe (Nov 27)
- Re: Security of HTTPS Kevin Sheldrake (Nov 28)
- Re: Security of HTTPS Ng Pheng Siong (Nov 28)
- RE: Security of HTTPS Servie Platon (Nov 27)
- RE: Security of HTTPS Paul D. Robertson (Nov 27)
- Re: Security of HTTPS Kevin Sheldrake (Nov 27)