Vulnerability Development mailing list archives

Re: SSL & IDS


From: Ng Pheng Siong <ngps () POST1 COM>
Date: Sat, 2 Sep 2000 16:49:21 +0800

On Fri, Sep 01, 2000 at 09:36:34AM +0200, Mikael Olsson wrote:
> You'll likely have to terminate the SSL connection on a reverse proxy
> machine in front of the web server and do your IDS sniffing after that
> reverse proxy.

This seems a popular suggestion.

Given the usual statistic that 80% (or 90% or whatever) of
security compromises are internal jobs, deliberately terminating
your SSL early and then having your app talk in the clear over
your internal network is more dangerous than it is useful, IMHO.

Cheers.
--
Ng Pheng Siong <ngps () post1 com> * http://www.post1.com/home/ngps

