RE: [fw-wiz] Security of HTTPS

From: Servie Platon (servie_tech_at_yahoo.com)
Date: 11/27/04

  • Next message: Paul D. Robertson: "RE: [fw-wiz] Security of HTTPS"
    To: firewall-wizards@honor.icsalabs.com
    Date: Fri, 26 Nov 2004 16:08:47 -0800 (PST)
    
    

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Hi folks,

    I'm so sorry for the messed up email before, my
    apologies.

    I am not the original poster to this thread, but
    reading the white paper on the SANS web site made me a
    little bit wary of the possibilities, so I am
    posting my question based on the topic of MITM attack.

    1. How does the cracker hone in to attack a preferred
    network of choice? Do they just port scan the internet
    and, once they find one, do the MITM and pose as a
    legit web site?

    2. Do they pose as legit web sites to unsuspecting
    users, or hide in the guise of a famous web site while
    in fact doing a MITM attack?

    Most people nowadays make online transactions such
    as buying, selling and other e-commerce types of things.
    Reading the whitepaper makes me think twice about whether
    it is really safe using HTTPS despite the guarantees
    being stated by such sites.

    Any tips, suggestions, as well as explanations as to
    how this is done and how to avoid such a thing from
    occurring would mean a lot so that we could limit the
    chances of being victimized in the future.

    Thanks in advance.

    Sincerely,
    Servie

    - --- Jean-Denis Gorin <jdg_cnce2004@yahoo.fr> wrote:

    >
    > Lot of papers about SSL Man In the Middle attack.
    > For example, on the SANS web site:
    > http://www.sans.org/rr/whitepapers/threats/480.php
    >
    > Some kind of proxies use this to enable content
    > filtering of HTTPS traffic...
    >
    > JDG
    >
    > From Alex Bihlmaier
    > >
    > > Good Morning.
    > >
    > >
    > >
    > > I am curious how strong the security of https can be.
    > > Is there some possibility of a MITM attack?
    > > Are there any papers out there outlining this aspect
    > > of security?
    > >
    > >
    > >
    > > //thalunil
    > >
    >
    > _______________________________________________
    > firewall-wizards mailing list
    > firewall-wizards@honor.icsalabs.com
    > http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    >

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.3.92 (MingW32) - GPGshell v3.23

    iD8DBQFBp8VuyQgrZePdA38RAhCyAJ9eN2yeoM/hccuBm7xFPI82jIY6KgCfedzA
    KaKBtRpn4XXtSzj4Dkq2L70=
    =dZR/
    -----END PGP SIGNATURE-----

