mailing list archives
Re: [PEN-TEST] Scanning through SSL proxies.
From: Mordechai Ovits <movits () OVITS NET>
Date: Mon, 18 Sep 2000 12:13:53 -0400
On Sat, Sep 16, 2000 at 05:48:41PM -0700, matt lind wrote:
SSl proxing can be done through a combination of techniques. First connect to the target machine using stunnel or
some similar app. Next use a port redirector on you local machine to funnel any port 80 traffic through the stunnel'd
cha ching. security? hmm. i don't think so.
Yup, stunnel is *excellent*. It can do alot more than simple proxying. For
example, it can do certifcate checking, even for client-side certs.
On Fri, 8 Sep 2000 09:24:01
van Eeden, Stieler wrote:
Since everybody is starting to realise that SSL is a more secure protocol
Argh! HTTP runs *over* SSL. It's not /better/ than it!