Saqib Ali wrote:
I would not believe it possible as you describe it. Have you seen this
happen?
I have not seen it myself. But I plan to visit Santa Clara and try it
out in next couple of days. But I found their technique to be very
strange, cause they clearly says that NO software installation
required on their website. So I figured it must be some kind of proxy
that modify the HTML pages. But that would certainly break SSL.
It is not difficult to implement a transparent proxy that does this for
regular HTTP traffic leaving the other traffic completely alone. There
are many examples to look at and I suspect this is really just an
extension of captive portals.
I thought other readers of this list may have seen / implemented
something like this. Thus the question.
There have been MITM tools released and they can be effective but
generally rely on the user making a mistake. I would doubt the SSL is
being touched at all.
--
Saqib Ali, CISSP, ISSAP
Support http://www.capital-punishment.net
-----------
"I fear, if I rebel against my Lord, the retribution of an Awful Day
(The Day of Resurrection)" Al-Quran 6:15
-----------
-------------------------------------------------------------------------
This List Sponsored by: SPI Dynamics
ALERT: "How A Hacker Launches A Web Application Attack!"
Step-by-Step - SPI Dynamics White Paper
Learn how to defend against Web Application Attacks with real-world
examples of recent hacking methods such as: SQL Injection, Cross Site
Scripting and Parameter Manipulation
https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gRl
--------------------------------------------------------------------------
