Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Sniffing Encrypted Traffic (w/ keys)

from [Brad DeShong] Network Security [Permanent Link]
Subject: Sniffing Encrypted Traffic (w/ keys)
Date: Wed, 22 Jun 2005 21:42:52 -0500
During a recent assesment we compromised SSL keys for a webserver and wanted to sniff the "encrypted" traffic. In theory this works, but what tools exist to do this in practice? I've seen Covelight's Clearwatch on a Windows system, but we're working with a Linux system on the inside. Is a MITM necessary or can it be done by just looking at the traffic after the fact (at least for the half of the connection we have keys for?). 

Thanks,
Brad DeShong
WestAnnex Security

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Risks associated to branch office IPSec devices, Robert Hines
Next by Date:  Re: Sniffing Encrypted Traffic (w/ keys), Brad DeShong
Previous by Thread:  TFTP and XP_CMDSHELL - Weird, Andres Molinetti
Next by Thread:  Re: Sniffing Encrypted Traffic (w/ keys), Brad DeShong
Indexes:  [Date] [Thread] [Top] [All Lists]