WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Security tool for monitoring HTTPS traffic?

From: Satish Chandra Prasad <scprasad () zilog com>
Date: Thu, 26 Feb 2004 03:13:34 -0800
You could, provided you know the session key and an utility like ssldump

Satish

-----Original Message-----
From: John Reilly [mailto:JReilly () eSpatial com]
Sent: Wednesday, February 25, 2004 3:49 PM
To: webappsec () securityfocus com
Subject: RE: Security tool for monitoring HTTPS traffic?





I have a similar question too!

Are they products they can look inside HTTPS traffic? Some 
customers doesn't
trust HTTPS traffic going inside the company over the proxy! 


There is no way to look at the plain text content inside the https traffic -
that would defeat the whole purpose of https.  

Regards,
John
Previous By Date Next
Previous By Thread Next

Current thread: