|
Full Disclosure
mailing list archives
Re: FD / lists.grok.org - bad SSL cert
From: Valdis.Kletnieks () vt edu
Date: Mon, 05 Jan 2009 16:15:38 -0500
On Mon, 05 Jan 2009 12:47:20 PST, Tim said:
How is that better, really? Run tcpdump or ettercap... Either of the
tools are off the shelf.
And if the site is using a self-signed cert, how does a 3rd party tcpdump
manage to get a *decrypted* datastream? Yes, you can still do traffic analysis
on the "X talked to Y with packet sizes A, B, and C" level, but you can't
look at the data.
Attachment:
_bin
Description:
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
- Re: FD / lists.grok.org - bad SSL cert, (continued)
Re: FD / lists.grok.org - bad SSL cert James Matthews (Jan 05)
Re: FD / lists.grok.org - bad SSL cert Tim (Jan 05)
Re: FD / lists.grok.org - bad SSL cert chort (Jan 05)
Re: FD / lists.grok.org - bad SSL cert Volker Tanger (Jan 05)
Re: FD / lists.grok.org - bad SSL cert Tim (Jan 05)
Re: FD / lists.grok.org - bad SSL cert Gary Wilson (Jan 06)
(Thread continues...)
| 
