RE: Security tool for monitoring HTTPS traffic?

There are Application Layer firewalls which can inspect HTTPS traffic to
assure that the communications coming in are not maliscious attacks via
the web browser.  These types of solutions will decrypt the traffic,
inspect it, and then either re-encrypt or not, and send back to your web
server. 

http://www.infoworld.com/article/04/02/06/06FEsecureapp_1.html 

Cheers

John

-----Original Message-----
From: Altheide, Cory B. (IARC) [mailto:AltheideC@xxxxxxxxxx] 
Sent: Thursday, February 26, 2004 11:23 AM
To: webappsec@xxxxxxxxxxxxxxxxx
Subject: RE: Security tool for monitoring HTTPS traffic?


> -----Original Message-----
> From: John Reilly [mailto:JReilly@xxxxxxxxxxxx]
> Sent: Wednesday, February 25, 2004 2:19 AM
> To: webappsec@xxxxxxxxxxxxxxxxx
> Subject: RE: Security tool for monitoring HTTPS traffic?
> 
> 
> 
> 
> > I have a similar question too!
> > 
> > Are they products they can look inside HTTPS traffic? Some customers

> > doesn't trust HTTPS traffic going inside the company over the proxy!
> 
> There is no way to look at the plain text content inside the
> https traffic - that would defeat the whole purpose of https.  
> 
> Regards,
> John

This is false.

If there were no way to look at the plain text content inside of HTTPS
traffic it would be exceedingly difficult for the intended recipient to
do anything useful with said HTTPS traffic (ie, one-way encryption).

Cory Altheide
Senior Network Forensics Specialist
NNSA Information Assurance Response Center (IARC) altheidec@xxxxxxxxxx