Re: SSL and IPS (was RE: ssh and ids)

["Michael H. Warfield" <mhw () wittsend com>]

On Wed, Jun 30, 2004 at 01:39:38PM -0700, Peter_Schawacker () NAI com wrote:
> Rob,

        :

> I think we've taken this topic as far as we can on this list.  There is
> no question that the technology works -- we've had it in beta in real
> world networks. The most important question is, "How will the market
> value this technology?"  Only real-world implementations and time will
> tell.  Let's just let the market decide the value of IPS decryption,
> shall we?

        You're right...  Let's test it.

        I've put up the challenge.  I'll set up a secure web server
on a separate IP address and secure with a cert.  I'll provide you
with the private key, with no password, and the certificate, and
a tcpdump of all the traffic to and from that IP address.  You
just provide back all the clear text.  That should be simple.  Yes?
If you can do that, given the private key of the server, then you
have proven your point.  And THAT'S real world.  I can have it done
tonight.

> Thanks, Mike (ISS), Marty (Sourcefire) and Jason (Sourcefire) for your
> questions and comments.  Let's have this chat again six months from now.
> ;-)

> Over and out.

> Peter Schawacker, CISSP
> Technical Evangelist
> McAfee
> Office 760 200 4258
> Mobile 760 880 4258
> ps () nai com

        Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw () WittsEnd com
  /\/\|=mhw=|\/\/       |  (678) 463-0932   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!

Attachment: _bin
Description: