Full Disclosure mailing list archives
Re: extension for Firefox to force HTTPS always?
From: <full-disclosure () hushmail com>
Date: Sat, 13 Oct 2007 10:24:47 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear 3APAPA, In the English language, the words criticism and suggestion are not synonyms. If you could please kindly point out where Vladis makes a suggestion (anywhere, anytime), or says anything constructive (anywhere, anytime), or anything remotely clever (anywhere, anytime) I would greatly appreciate it. I am however impressed with your use of advanced computer hacking tools such as host, openssl, and tcpdump in the Linux computer hacking environment. I feel your pain on the icmp issue as well. Some people are just ratfuck bastards. Cheers! On Fri, 12 Oct 2007 22:12:08 -0400 Harry Hoffman <hhoffman@ip- solutions.net> wrote:
what is wrong with his suggestion? If you look at the situation the following things happen: [hhoffman@localhost ~]$ host www.cnn.com www.cnn.com has address 64.236.16.20 www.cnn.com has address 64.236.16.52 www.cnn.com has address 64.236.24.12 www.cnn.com has address 64.236.29.120 www.cnn.com has address 64.236.91.21 www.cnn.com has address 64.236.91.22 www.cnn.com has address 64.236.91.23 www.cnn.com has address 64.236.91.24 Host www.cnn.com not found: 3(NXDOMAIN) [hhoffman@localhost ~]$ openssl s_client -connect www.cnn.com:443 [root@localhost ~]# tcpdump -i wlan0 -ln tcp port 443 and net '64.236' tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on wlan0, link-type EN10MB (Ethernet), capture size 96 bytes 22:02:32.427607 IP 192.168.1.103.35113 > 64.236.24.12.https: S 2923208691:2923208691(0) win 5840 <mss 1460,sackOK,timestamp 102380687 0,nop,wscale 7> 22:02:35.427467 IP 192.168.1.103.35113 > 64.236.24.12.https: S 2923208691:2923208691(0) win 5840 <mss 1460,sackOK,timestamp 102383687 0,nop,wscale 7> 22:02:41.427496 IP 192.168.1.103.35113 > 64.236.24.12.https: S 2923208691:2923208691(0) win 5840 <mss 1460,sackOK,timestamp 102389687 0,nop,wscale 7> 22:02:53.427470 IP 192.168.1.103.35113 > 64.236.24.12.https: S 2923208691:2923208691(0) win 5840 <mss 1460,sackOK,timestamp 102401687 0,nop,wscale 7> 22:03:17.427469 IP 192.168.1.103.35113 > 64.236.24.12.https: S 2923208691:2923208691(0) win 5840 <mss 1460,sackOK,timestamp 102425687 0,nop,wscale 7> 22:04:05.427466 IP 192.168.1.103.35113 > 64.236.24.12.https: S 2923208691:2923208691(0) win 5840 <mss 1460,sackOK,timestamp 102473687 0,nop,wscale 7> 22:05:41.427556 IP 192.168.1.103.47627 > 64.236.29.120.https: S 2954205762:2954205762(0) win 5840 <mss 1460,sackOK,timestamp 102569687 0,nop,wscale 7> 22:05:44.427467 IP 192.168.1.103.47627 > 64.236.29.120.https: S 2954205762:2954205762(0) win 5840 <mss 1460,sackOK,timestamp 102572687 0,nop,wscale 7> 22:05:50.427472 IP 192.168.1.103.47627 > 64.236.29.120.https: S 2954205762:2954205762(0) win 5840 <mss 1460,sackOK,timestamp 102578687 0,nop,wscale 7> 22:06:02.428441 IP 192.168.1.103.47627 > 64.236.29.120.https: S 2954205762:2954205762(0) win 5840 <mss 1460,sackOK,timestamp 102590687 0,nop,wscale 7> If there are a ton of addresses associated with the hostname record you'd be sitting there for a long time, no? It'd be nice if sites sent a unreachable message but some ppl still believe that blocking all ICMP is ok... go figure. Cheers, Harry full-disclosure () hushmail com wrote:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MAYBE YOU HAVE A SUGGESTION OR SOMETHING CONSTRUCTIVE TO SAYAFTERALL THESE YEARS VLADIS OR MAYBE YOU SHOULD SHUT THE FUCK UP!!! YOU AREN'T SMARTER THAN WE THINK YOU ARE On Fri, 12 Oct 2007 21:55:37 -0400 Valdis.Kletnieks () vt eduwrote:On Fri, 12 Oct 2007 15:06:14 PDT, Kristian Erik Hermansen said:I just wanted to clarify that I am looking for an extensionthatwillrewrite all encountered HTTP references in Firefox to HTTPS.Iwouldalready have a firewall or some other layer7 filtering deviceblockingunencrypted traffic. The addon "Better Gmail" does somethingsimilarto this, with the "force HTTPS" option, but not exactly...What should this hypothetical extension do if it automagically redirect http: to https:, but the target server is something that isonlylistening on port 80 because it doesn't have https: enabled? https://www.cnn.com just sorta sits there for me.-----BEGIN PGP SIGNATURE----- Note: This signature can be verified athttps://www.hushtools.com/verifyCharset: UTF8 Version: Hush 2.5wpwEAQECAAYFAkcQJ40ACgkQ+dWaEhErNvQjfAQAhvRta2YldG0s+RPwOOYQJhmavq4 cuo/dTsCd3EQy6yQru6oGcmWR7CdCo8EvwoTpB0EwLgVW4z7/lujiayEMECV4zejTNzt wNSabygNoko5I8wh5trmqvoSb4RfPW79qEWLgTosECR1dsCu5FfXuKZhgQwbweWpi09g hzDPTvGg= =jxe7 -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
-----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Charset: UTF8 Version: Hush 2.5 wpwEAQECAAYFAkcQ1S8ACgkQ+dWaEhErNvTKWQP9FkS3CGP5+EN4cTf8WUbmbJfbJ4cP ZfizqYMy71CpaBYa/Nrwb8k4rGuuy6A3dOOErMTFrei9y7nj8NJCTAc7xjgQQnsibq2u WlC4FqPqciFs614cbQskiX6za88UGz6SktWGMz8N29UD4Y02SDHwbalER153pGfGCey8 wTOFQaI= =mH+r -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: extension for Firefox to force HTTPS always?, (continued)
- Re: extension for Firefox to force HTTPS always? Ismail Dönmez (Oct 12)
- Re: extension for Firefox to force HTTPS always? Kristian Erik Hermansen (Oct 12)
- Re: extension for Firefox to force HTTPS always? Valdis . Kletnieks (Oct 12)
- Re: extension for Firefox to force HTTPS always? gjgowey (Oct 12)
- Re: extension for Firefox to force HTTPS always? Valdis . Kletnieks (Oct 12)
- Re: extension for Firefox to force HTTPS always? gjgowey (Oct 12)
- Re: extension for Firefox to force HTTPS always? Valdis . Kletnieks (Oct 12)
- Re: extension for Firefox to force HTTPS always? Kristian Erik Hermansen (Oct 12)
- Re: extension for Firefox to force HTTPS always? silky (Oct 13)
- Re: extension for Firefox to force HTTPS always? Harry Hoffman (Oct 12)
- Re: extension for Firefox to force HTTPS always? Valdis . Kletnieks (Oct 13)
- Re: extension for Firefox to force HTTPS always? Marcus Graf (Oct 13)