|
IDS
mailing list archives
Re: SSL and IPS (was RE: ssh and ids)
From: Wouter Clarie <rimshot () pandora be>
Date: Thu, 1 Jul 2004 19:58:55 +0200 (CEST)
On Wed, 30 Jun 2004, Michael H. Warfield wrote:
The files are ready.
You can let me know what the URL was that was requested. You can
readily extract the server name from the cert. The rest will come from
the decrypted session.
[snip]
You now have everything you claim to need. Send me back the URL
and the html text of the page. I want to see this. I'll be truely
impressed if you can do what you claim to do.
I think you made a mistake. This session does not use DH, it uses
TLS_RSA_WITH_RC4_128_MD5, so you don't even need the certificate.
This was the request:
GET /kudzu/ HTTP/1.1
Host: www.cryptolinux.org
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040510
Accept:
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,image/jpeg,image/gif;q=0.2,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Reply:
<HTML><HEAD>
<TITLE>CyrptoLinux - LinuxCryto - Cryptography on Linux</TITLE>
<META name="description" content="Welcome to CryptoLinux. This is a resource
site for all thing cryptographic on Linux.">
<META name="keywords" content="Linux, Cryptography, Cryptographic, Linux OS,
Linux operation system">
</HEAD>
<BODY BACKGROUND=/backgrounds/paper/blue_paper.gif BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" ALINK="#FF0000"
VLINK="#551A8B">
<img src="/crypto_tux_l.gif" align=left>
<img src="/crypto_tux_r.gif" align=right>
<Center>
Etc...
Regards,
Wouter Clarie
---------------------------------------------------------------------------
---------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
|
Intro
