IDS mailing list archives
Re: SSL and IPS (was RE: ssh and ids)
From: "Michael H. Warfield" <mhw () wittsend com>
Date: Wed, 30 Jun 2004 18:08:12 -0400
On Wed, Jun 30, 2004 at 01:39:38PM -0700, Peter_Schawacker () NAI com wrote:
Rob,
:
I think we've taken this topic as far as we can on this list. There is no question that the technology works -- we've had it in beta in real world networks. The most important question is, "How will the market value this technology?" Only real-world implementations and time will tell. Let's just let the market decide the value of IPS decryption, shall we?
I love to keep things like this on lists like this. In public. I don't mind a little egg on my face when I'm proven wrong, that's how I learn and I don't learn unless someone corrects me. So let's go for it. This should be easy for you. The files are ready. You can let me know what the URL was that was requested. You can readily extract the server name from the cert. The rest will come from the decrypted session. Pull the files from here... Server's private key: https://www.wittsend.com/ssl-challenge/server.key.bin (There is no password on the key) Server's certificate: https://www.wittsend.com/ssl-challenge/server.crt.bin Dump of the session (tcpdump): https://www.wittsend.com/ssl-challenge/cl.tcpdump.bin I made them all .bin to avoid any Mime nonsense. You now have everything you claim to need. Send me back the URL and the html text of the page. I want to see this. I'll be truely impressed if you can do what you claim to do.
Thanks, Mike (ISS), Marty (Sourcefire) and Jason (Sourcefire) for your questions and comments. Let's have this chat again six months from now. ;-)
Over and out.
Peter Schawacker, CISSP Technical Evangelist McAfee Office 760 200 4258 Mobile 760 880 4258 ps () nai com
Mike -- Michael H. Warfield | (770) 985-6132 | mhw () WittsEnd com /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
Attachment:
_bin
Description:
Current thread:
- RE: SSL and IPS (was RE: ssh and ids) Rob Shein (Jun 30)
- Re: SSL and IPS (was RE: ssh and ids) Michael H. Warfield (Jun 30)
- RE: SSL and IPS (was RE: ssh and ids) Rob Shein (Jun 30)
- <Possible follow-ups>
- RE: SSL and IPS (was RE: ssh and ids) Peter_Schawacker (Jul 01)
- Re: SSL and IPS (was RE: ssh and ids) Michael H. Warfield (Jul 01)
- Re: SSL and IPS (was RE: ssh and ids) Wouter Clarie (Jul 04)
- Re: SSL and IPS (was RE: ssh and ids) Michael H. Warfield (Jul 04)
- Re: SSL and IPS (was RE: ssh and ids) Michael H. Warfield (Jul 01)
- Re: SSL and IPS (was RE: ssh and ids) Michael H. Warfield (Jul 01)
- Re: SSL and IPS (was RE: ssh and ids) Michael H. Warfield (Jun 30)
- RE: SSL and IPS (was RE: ssh and ids) Peter_Schawacker (Jul 04)