Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

webappsec logo WebApp Sec mailing list archives

Re: keyloggers? - dont doit
From: "lyal.collins" <lyal.collins () key2it com au>
Date: Thu, 07 Apr 2005 13:37:55 +1000
SSL falls to spoofed certs/trust lists and or DNS poisoning to create MITM
attacks.
Cybercafes can run their own DNS and routing mechanisms, enabling the latter.
They run and manage their own browsers and trusted cert lists, enabing a fake
 'root CA" cert to be laoded into browsers, enabing the former.

SSL is a dead duck in every environment unless DNS is known to be 100%
accurate, and no ARP sppofing  tricks are happening.

yal



On Apr 6, 2005 7:23 AM, Alvin Oga
<alvin.sec () virtual linux-consulting com> wrote:

        - anything sent over the internet is sniffable from
        anywhere in the world


Delurking just to mention that this isn't correct. Online banking (and
other security-sensitive activities) aren't a good idea from shared
sites like a cybercafe for all the reasons others have mentioned, but
this isn't it. From my desktop here, I almost certainly have no way of
sniffing your traffic to your bank, unless I happen to be somewhere
along your path.

I'd also like to know about SSL being broken. I think you mean one of
the common ciphers is broken, which would be substantial news indeed.

Your conclusion is right but your reasoning is completely wrong AFAICT.

-- 
Kyle Maxwell
[krmaxwell () gmail com]




--

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]