OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Bugtraq Archives: Re: BIND bugs of the month (spoofing secure W

Re: BIND bugs of the month (spoofing secure Web sites?)


Kurt Seifried (listuserSEIFRIED.ORG)
Sun, 14 Nov 1999 15:40:16 -0700


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> While DNS spoofs may be practical, impersonating an SSL-enabled Web
> server requires considerably more than lying about IP addresses.

No, not really. The weak link is the end user, and they are generally
a VERY weak link. I wrote an article dealing with this:

<blatant corporate self-plug>
http://www.securityportal.com/closet/closet19990930.html
</blatant corporate self-plug>

> -Peter

- -Kurt Seifried

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.1 for non-commercial use <http://www.pgp.com>

iQA/AwUBOC86Tob9cm7tpZo3EQIQugCfUGYpX5JyI/50rR4rxAmOyWyBOzYAnjVN
ZJLNpm2peizpZDThkFqfeykh
=MOsV
-----END PGP SIGNATURE-----



This archive was generated by hypermail 2.0b3 on Mon Nov 15 1999 - 00:25:02 CST