Home page logo

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] Scanning through SSL proxies.
From: Mordechai Ovits <movits () OVITS NET>
Date: Mon, 18 Sep 2000 12:13:53 -0400

On Sat, Sep 16, 2000 at 05:48:41PM -0700, matt lind wrote:
 SSl proxing can be done through a combination of techniques. First connect to the target machine using stunnel or 
some similar app. Next use a port redirector on you local machine to funnel any port 80 traffic through the stunnel'd 
cha ching. security? hmm. i don't think so.

Yup, stunnel is *excellent*.  It can do alot more than simple proxying.  For
example, it can do certifcate checking, even for client-side certs.

On Fri, 8 Sep 2000 09:24:01
 van Eeden, Stieler wrote:
Since everybody is starting to realise that SSL is a more secure protocol
than HTTP

Argh!  HTTP runs *over* SSL.  It's not /better/ than it!


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]