full-disclosure-uk January 2009 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: Re: [Full-disclosure] FD / lists.grok.org -

Re: [Full-disclosure] FD / lists.grok.org - bad SSL cert

From: <Valdis.Kletnieks_at_nospam>
Date: Mon Jan 05 2009 - 21:15:38 GMT
To: Tim <tim-security@sentinelchicken.org>

On Mon, 05 Jan 2009 12:47:20 PST, Tim said:

> How is that better, really? Run tcpdump or ettercap... Either of the
> tools are off the shelf.

And if the site is using a self-signed cert, how does a 3rd party tcpdump manage to get a *decrypted* datastream? Yes, you can still do traffic analysis on the "X talked to Y with packet sizes A, B, and C" level, but you can't look at the data.

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/