Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

fulldisclosure logo Full Disclosure mailing list archives

Re: New Vulnerability against Firefox/ Major Extensions
From: Tim <tim-security () sentinelchicken org>
Date: Wed, 30 May 2007 06:49:38 -0400



A DNS based man in the middle attack will not work against a SSL
enabled webserver. This is because SSL certificates certify an
association between a specific domain name and an ip address. An
attempted man in the middle attack against a SSL enabled Firefox
update server will result in the browser rejecting the connection to
the masquerading update server, as the ip address in the SSL
certificate, and the ip address returned by the DNS server will not
match.


False.  SSL certificates do not authenticate DNS/IP associations.  They
authenticate public key/DNS associations.  The difference is likely
irrelevant to this issue, but be sure you understand SSL's PKI when you
explain such things, lest you confuse crypto noobs.

tim

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]