Home page logo

basics logo Security Basics mailing list archives

Re: filter ssl traffic
From: "Vladimir B. Kropotov" <slyman2000 () mail ru>
Date: Thu, 27 Nov 2003 15:37:45 +0300

----- Original Message -----
From: "Burton M. Strauss III" <BStrauss () acm org>
To: <security-basics () securityfocus com>
Cc: "Vladimir B. Kropotov" <slyman2000 () mail ru>; "zidan"
<zidan00 () fastmail fm>
Sent: Monday, November 24, 2003 11:42 PM
Subject: RE: filter ssl traffic

What you might want to do is create an ssl proxy. Then users create an ssl
connection to the proxy and the proxy creates a connection to the remote
site.  That gives the proxy machine visibility of the unencrypted data.

Don't know if such a beast exists as freeware - search the web for
'transparent ssl proxy' - you'll find some interesting reading and a
commercial product or two that might meet your needs.


I think it's look like a some kind of man-in-the-middle attack.  You Must
Use Users PRIVATE keys to emplement this. It means you violate the ideology
in that kind of cryptography.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]