Re: SSL Scanner
- From: goarilla <"kevin DOT paulus AT skynet DOT be">
- Date: Sun, 28 Oct 2007 14:25:39 +0100
On 28 Okt, 04:49, Solbu <so...@xxxxxxxxxxxxxxxx> wrote::%s/package/packet/g-----BEGIN PGP SIGNED MESSAGE-----
royend sent the following transmission through subspace:
the project focuses on the vulnerability ofIf someone intercepts the packages using a man-in-the-middle-attack,
the web, and I am hoping to shove that even though SSL is implemented
the packages might be vulnerable to a Man-In-The-Middle-Attack (please
correct me if I am wrong), as the packages might be intercepted by an
the encryption will break, thus alerting the user.
You cannot intercept encrypted packages
without alerting the user that someone _IS_ intercepting them.
Because the certificate will be wrong.
Remove 'ugyldig.' for email
PGP key ID: 0xFA687324
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
-----END PGP SIGNATURE-----
On 28 Okt, 11:29, Jim Watt <jimw...@xxxxxxxxxx> wrote:On Sat, 27 Oct 2007 08:22:11 -0700, royend <roy...@xxxxxxxxx> wrote:Is there any programs you would recommend which will handle SSL/TLS?Explanation why it can't be done...
Would for instance a program like Ethereal be able to read packages
using SSL protocols?
Jim Watt http://www.gibnet.com
That is what I thought (and hoped for...).
Can the packages be saved when intercepted and without changing the
package be used in a replay attack?
i'm sorry in my native language 'pakket' has both meanings as well but still
i know the difference and the appropriate term when using them in english