Home page logo
/

basics logo Security Basics mailing list archives

RE: Web Traffic Security and Eavesdropping
From: "David Gillett" <gillettdavid () fhda edu>
Date: Wed, 12 Nov 2008 11:04:27 -0800

  I think it was less than two months ago that there was an alert 
about rogue routers spoofing BGP info in order to get traffic for 
a chosen destination network sent to an attacker.  I seem to 
recall seeing a rootkit for IOS talked about as well.  Or of 
course there could be an insider at an ISP -- perhaps a transit 
carrier with no contractual obligation to either endpoint.

  Sending sensitive information across the Internet unencrypted
is like mailing it on a postcard.  Postal employees are, on the
whole, honourable and honest -- but all it takes is one, somewhere,
or somebody willing and able to get into a mailbox....

David Gillett


-----Original Message-----
From: mojorising [mailto:moj0rising () aim com] 
Sent: Monday, November 10, 2008 5:16 PM
To: security-basics () securityfocus com
Subject: Web Traffic Security and Eavesdropping

Hi, there. We all know many web sites out there encrypt 
connections with SSL to prevent eavesdropping on user 
sessions. In a conversation about this today while securing 
web services/ applications of one of our sites, a friend 
asked how such a thing is possible if the eavesdropper is not 
on the same network as the end-user or server being watched. 
I couldn't provide a very good answer and was wondering if 
anyone out there could. We know how easy it would be if you 
were on the same network or had access to one of the nodes on 
either end or even, perhaps, a switch or router, etc in 
between those two points.

Basically, the question is, can someone out there in the big, 
bad, internet somehow watch all traffic going to and from 
another node on the internet (like a web server for example) 
without being on the same local network as the node they are 
watching? I'm quite sure the answer to this is yes and if 
yes, then how is it done?


Thanks,
Mike



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]