| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <s0bf2aad.073@emailc.tcc.edu> From: tcguesr at tcc.edu (Robert Guess) Subject: RE: Verysign Valdis, I am suprised that you don't know this one! "Verysign" is Ettercap 0.6.x's default SSL MITM Certificate. They are dealing with a very lazy attacker... one who doesn't bother to create their own certs. I do like your comment "Given how little *real* security a signed cert creates, it's probably not worth worrying about." Funny stuff. Best regards, Rob <snip> > I've been getting SSL certificates from various websites recently that are > apparently from a "VerySign Class 1 Authority" - note the 'y' in VerySign. > The certificate expired 6 December 2002. > The data in Issued To and Issued By are identical. > This smells very much like an SSL hijack attempt - can anyone shed some > light on the situation? Valdis spracht: "Or some webserver package that builds a self-signed certificate so SSL works without having to pay Verisign, and does so in a "cute" manner that users are likely to accept the cert without thinking about it. It's probably NOT a hijack attempt unless you have *OTHER* evidence of that (phishy-looking redirect javascript on the page, etc....) Given how little *real* security a signed cert creates, it's probably not worth worrying about." </snip> Robert Guess Instructor, Information Systems Technology Tidewater Community College (757) 822-5022 () ascii ribbon campaign /\ against html email
Powered by blists - more mailing lists