Re: [fw-wiz] Firewall best practices
- From: "Bruce B. Platt" <bruce@xxxxxxx>
- Date: Wed, 28 Apr 2010 14:17:54 -0400
lordchariot said in part:
...
... but can you imagine
if a nefarious CA got embedded into the browser?
Meh, it actually probably wouldn't make much difference anyway. Users are
just going to click OK anyway to bypass the warning...sigh.
Capture some packets when using IE when it finds a web site using a
certificate whose entire certification path is not included in the local
machine account's "Trusted Root Certification Authorities". What happens is
both enlightening and frightening when this occurs with the wrong
certificate.
I chose not to elaborate on the consequences. I share erik's "sigh".
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
- References:
- Re: [fw-wiz] Firewall best practices
- From: Anton Chuvakin
- Re: [fw-wiz] Firewall best practices
- From: Jason Lewis
- Re: [fw-wiz] Firewall best practices
- From: Morty
- Re: [fw-wiz] Firewall best practices
- From: Martin Barry
- Re: [fw-wiz] Firewall best practices
- From: Marcus J. Ranum
- Re: [fw-wiz] Firewall best practices
- From: Martin Barry
- Re: [fw-wiz] Firewall best practices
- From: david
- Re: [fw-wiz] Firewall best practices
- From: John Morrison
- Re: [fw-wiz] Firewall best practices
- From: Fetch, Brandon
- Re: [fw-wiz] Firewall best practices
- From: lordchariot
- Re: [fw-wiz] Firewall best practices
- Prev by Date: [fw-wiz] EUSecWest Amsterdam 2010 Call For Papers (short deadline May 5 - conf June 16/17)
- Next by Date: Re: [fw-wiz] Looking for firewall mgmt solution
- Previous by thread: Re: [fw-wiz] Firewall best practices
- Next by thread: Re: [fw-wiz] Firewall best practices
- Index(es):
Relevant Pages
|
