man-in-the-middle – Page 18

Why does Tor use self-signed certificates? Isn’t it insecure?

Posted on March 16, 2022 by Gaai Chia

Aren’t self-signed certificates vulnerable against MITM attack? What measures did Tor take to prevent MITM attack against self-signed certificates?

Continue reading Why does Tor use self-signed certificates? Isn’t it insecure?→

When a server is sending data back to client, is it vulnerable against MITM attack? How to prevent such kind of MITM attack?

Posted on March 13, 2022 by Gaai Chia

Case One: A Tor exit node sending data forward to a website server.
In this case, a MITM attack can easily success because the traffic is not encrypted. However, the MITM does not know who sent the data originally, it only knows the fact t… Continue reading When a server is sending data back to client, is it vulnerable against MITM attack? How to prevent such kind of MITM attack?→

Russia to create its own security certificate authority, alarming experts

Posted on March 11, 2022 by Suzanne Smalley

Russia responds to economic sanctions hobbling renewals of its Internet security certificates by saying it will create its own.

The post Russia to create its own security certificate authority, alarming experts appeared first on CyberScoop.

Continue reading Russia to create its own security certificate authority, alarming experts→

How are session keys transferred between a client and a server?

Posted on March 10, 2022 by Gaai Chia

Session keys are generated during TLS handshake and are transferred from clients to server through asymmetric encryption FOR ONCE.
However, I have heard that session keys are single-use, which mean a new set of session keys are going to be… Continue reading How are session keys transferred between a client and a server?→

Possible rogue admin monitoring my online activities

Posted on March 9, 2022 by pancake-house

I teleworked for a medium-sized software company. We had a network architect who offered me a firewall to install so I could securely access on-premises resources and play around with some configuration settings because I’m interested in s… Continue reading Possible rogue admin monitoring my online activities→

TLS ClientHello leaks HTTP host header

Posted on March 9, 2022 by Daniel D.

As already discussed on this platform, TLS Client Hello messages are not encrypted, since they contain "no sensitive data".
When sniffing HTTPS requests with wireshark, I can see the domain I am trying to access in the Client Hel… Continue reading TLS ClientHello leaks HTTP host header→

Overlap between Wired vs WiFi vulnerabilities

Posted on March 6, 2022 by Steven Chris

This is a fundamental question, but, I’m interested in understanding the "venn diagram" of attack vectors between wired and Wi-Fi connections.
What are the attacks that both wired and Wi-Fi are vulnerable to? And what are the att… Continue reading Overlap between Wired vs WiFi vulnerabilities→

MITM after correct certificate has been sent

Posted on February 20, 2022 by cinhk

Lately, while using a proxy, I got a certificate error for a website. Firefox gave a warning that the connection would not be secure. The certificate looked like the correct one (checked from a different IP) though.
Also when changing the … Continue reading MITM after correct certificate has been sent→

Did HTTPS and HSTS kill MITM?

Posted on February 15, 2022 by beardeadclown

Is there a point in being MITM nowadays since HTTPS makes it impossible to make sense of sniffed data and HSTS prevents SSL stripping?

Continue reading Did HTTPS and HSTS kill MITM?→

Reverse Shell for managing unreachable remote computers

Posted on February 15, 2022 by kol

In the near future, I will have about 50 remote computers to manage. These will be physical PCs running Debian 11, distributed all over the country. They will automatically perform a special kind of measurement repeatedly, and upload the r… Continue reading Reverse Shell for managing unreachable remote computers→