lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: nicola at delvacchio.it (Nicola Del Vacchio)
Subject: VerySign Class 1 Authority - bogus SSL
	certificate?

it seems to me the fake certificates that a tool like ettercap iussues.

compare whith this (fake) verificate.

cheers
nicola del vacchio
security consultant 
genova italy
nicola@...vacchio.it



Il mer, 2004-06-02 alle 18:45, Valdis.Kletnieks@...edu ha scritto:
> On Wed, 02 Jun 2004 07:39:31 +0930, Chris van der Pennen <chris@...gotdns.org>  said:
> > I've been getting SSL certificates from various websites recently that are
> > apparently from a "VerySign Class 1 Authority" - note the 'y' in VerySign.
> > The certificate expired 6 December 2002.
> 
> > The data in Issued To and Issued By are identical.
> 
> > This smells very much like an SSL hijack attempt - can anyone shed some
> > light on the situation?
> 
> Or some webserver package that builds a self-signed certificate so SSL works
> without having to pay Verisign, and does so in a "cute" manner that users are
> likely to accept the cert without thinking about it. It's probably NOT a hijack
> attempt unless you have *OTHER* evidence of that (phishy-looking redirect
> javascript on the page, etc....)
> 
> Given how little *real* security a signed cert creates, it's probably not worth
> worrying about.
> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: fake-verisign-ca1.cer
Type: application/x-x509-ca-cert
Size: 691 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040602/22ecfade/fake-verisign-ca1.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Questa parte del messaggio =?ISO-8859-1?Q?=E8?= firmata
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040602/22ecfade/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ