|
|
RE: Security tool for monitoring HTTPS traffic?: msg#00098security.web-applications
> > > Are they products they can look inside HTTPS traffic? Some > > > customers doesn't > > > trust HTTPS traffic going inside the company over the proxy! > > > > There is no way to look at the plain text content inside > the https traffic > > - that would defeat the whole purpose of https. > > 4 words: Man in the middle. > > It's perfectly possable to intercept the inital exchange, and > present the > apperence of HTTPS, while evesdropping on the plain text. Yes, you can do a man in the middle attack - I was thinking about passive interception, which is what I thought was being asked about (a product to look into any arbitrary https stream going through a proxy). |
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| Previous by Date: | RE: Controlling access to pdf/doc files: 00098, Paulus Widodo |
|---|---|
| Next by Date: | RE: Security tool for monitoring HTTPS traffic?: 00098, Satish Chandra Prasad |
| Previous by Thread: | RE: Security tool for monitoring HTTPS traffic?i: 00098, Altheide, Cory B. (IARC) |
| Next by Thread: | Re: Security tool for monitoring HTTPS traffic?: 00098, dd |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
| News | FAQ | advertise |