[Ach] filippo on SSL SMTP encryption

Jeroen Massar jeroen at massar.ch
Wed Apr 1 20:13:31 CEST 2015


On 2015-04-01 19:58, Aaron Zauner wrote:
> Hi,
> 
> Manuel Kraus wrote:
>> Since many adversaries sit on carrier links, the MITM-attack will be one
>> of the most important ones. Playing with forged certificates (to gain
>> access to a HTTP header exchange) or simply poisoning cleartext
>> connections, both having DoS in mind, will be quite neat stuff for those.
> 
> I don't think you get the full picture here. Such an adversary has a
> /very/ high interest in his work being undetected. If they would be to
> massively DoS popular websites with injecting fake headers that would be
> noticed immediately. They also can't use these attacks to gain information.

You mean like: http://netres.ec/?b=153DB4E ? :)

Greets,
 Jeroen




More information about the Ach mailing list