[clug] SSL Man-in-the-Middle attack - by "Law Enforcement"?

steve jenkin sjenkin at canb.auug.org.au
Thu Mar 25 15:05:34 MDT 2010

steve jenkin wrote on 25/03/10 1:21 PM:
> Comments?

Thanks for everyone's input.

Round 2:

Is this a malware vector that BlackHats could leverage?
By its nature, a highly targeted attack...

What would it take?
 - Certificates
 - servers or Zombies to run the M-t-M relay. Need exposed IP Nr.
 - some way to get groups of browsers to go via them
   - compromise ISP's (hard without inside help)
   - resetting browser proxies?
   - spoof DNS?

This is closer to Identity Theft than wide-scale malware.
But given 5+ years, you'd expect it, wouldn't you?

Steve Jenkin, Info Tech, Systems and Design Specialist.
0412 786 915 (+61 412 786 915)
PO Box 48, Kippax ACT 2615, AUSTRALIA

sjenkin at canb.auug.org.au http://members.tip.net.au/~sjenkin

More information about the linux mailing list