Home page logo
/

basics logo Security Basics mailing list archives

Re: Web Traffic Security and Eavesdropping
From: Adam Pal <pal_adam () gmx net>
Date: Sun, 16 Nov 2008 11:49:28 +0100

Hello Mike,

My feeling is that you are both right, the one who asked you how it is
possible and you.
It is not possible when the attacker is not on the same virtual path
(lets say path instead network) but the attacker has -as the
wired-article describes- the possibility to bring himself on the path
for instance by modifying the route (BGP).

As you see, the answer to your question is no. You cannot pick up any
information from a flow you are not connected to somehow.
The webserver doesnt see all the information, it sees all information
delivered to it once he is a part of the virtual path the information
took.



-- 
Best regards,
 Adam Pal   

Tuesday, November 11, 2008, 2:16:08 AM, you wrote:

<==============Original message text===============
m> Hi, there. We all know many web sites out there encrypt connections with SSL
m> to prevent eavesdropping on user sessions. In a conversation about this
m> today while securing web services/ applications of one of our sites, a
m> friend asked how such a thing is possible if the eavesdropper is not on the
m> same network as the end-user or server being watched. I couldn't provide a
m> very good answer and was wondering if anyone out there could. We know how
m> easy it would be if you were on the same network or had access to one of the
m> nodes on either end or even, perhaps, a switch or router, etc in between
m> those two points.

m> Basically, the question is, can someone out there in the big, bad, internet
m> somehow watch all traffic going to and from another node on the internet
m> (like a web server for example) without being on the same local network as
m> the node they are watching? I'm quite sure the answer to this is yes and if
m> yes, then how is it done?


m> Thanks,
m> Mike

<===========End of original message text===========


Attachment: smime.p7s
Description: S/MIME Cryptographic Signature


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]