RE: [fw-wiz] Security of HTTPS
From: Paul D. Robertson (paul_at_compuwar.net)
Date: 11/27/04
- Previous message: Servie Platon: "RE: [fw-wiz] Security of HTTPS"
- In reply to: Servie Platon: "RE: [fw-wiz] Security of HTTPS"
- Next in thread: Kevin Sheldrake: "Re: [fw-wiz] Security of HTTPS"
To: Servie Platon <servie_tech@yahoo.com>
Date: Sat, 27 Nov 2004 10:04:22 -0500 (EST)
On Fri, 26 Nov 2004, Servie Platon wrote:
> 1. How does the cracker hone in to attack a preferred
> network of choice? Do they just port scan the internet
> and once it finds one would do the MITM and pose as a
> legit web site?
It's called a "Man in the middle" attack for a reason: the attacker must
be in the "middle" of the traffic flow.
>
> 2. Do they pose as legit web sites to unsuspecting
> users, or hiding in the guise of a famous web site but
> in fact doing a MITM attack?
That happens too; for instance, recently there's been a spate of Windows
malware changing hosts file entries to get the site's traffic redirected
to them, even if the user types the URL in their browser.
> Most people nowadays make online transactions such
> as buying, selling and other e-commerce type of thing.
> After reading the whitepaper makes me think twice if
> it is really safe using HTTPS despite the guarantees
> being stated by such sites?
It's as safe as anything else, that is to say the risks have been
minimized to the extent it's possible to do so without being
over-infringing, but it could be done in a better way if there weren't so
many competing interests.
> Any tips, suggestions, as well as explanations as to
> how this is done and how to avoid such a thing from
> occurring would mean a lot so that we could limit the
> chances of being victimized in the future.
Keep the integrity of your client systems strong, make sure your DNS is
good, make sure your routers are secure, use good clients, and track
transactions and audit them.
Generally, there are enough weak Web servers that MITM attacks aren't
worthwhile, other than the redirection stuff I mentioned earlier.
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
paul@compuwar.net which may have no basis whatsoever in fact."
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards