Securing Client Server HTTPS Connection
Results 1 to 4 of 4

Thread: Securing Client Server HTTPS Connection

  1. #1
    Junior Member
    Join Date
    Feb 2014
    Posts
    1

    Lightbulb Securing Client Server HTTPS Connection

    I have a https connection from Client to Server and a malware in client. The malware modifies the message and compromises its integrity. I am using a proxy to check the Integrity of the message after the malware has changed the message and before sending it over the internet to the server.

    Now, How can I check the Integrity of the message (Sure that it has not been modified by any Man in the Middle) for the second half of my communication channel(Which is from Client to the Server over the internet).

    I see few conventional approaches of CRC or Checksum will help. But I am looking for some non traditional or upcoming approaches. I am new to this area and want to take expert advise about the direction I need to search for answer to my question.

    Any pointers would be of great help.

    Thanks,

  2. #2
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hi,

    You need to wipe the infected device and re-install.

    There is no other logical way
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  3. #3
    They call me the Hunted foxyloxley's Avatar
    Join Date
    Nov 2003
    Location
    3rd Rock from Sun
    Posts
    2,528
    further to Nihil's response, it IS the only way
    UNLESS - you are postulating a theoretical scenario ?
    so if you really DO have malware loaded, you HAVE to get rid of it first, and THEN you can look into ways of authentication

    if this IS just a mind game you are working through, then you would still have to add malware removal as step one, because until that is gone, you just cannot trust anything coming from client, and, more to the point, if you have an infected client, why would you want it remaining on your system ..........
    once you have a clean client speaking to yhour servers across your network, then you can contemplate other things, but reality is that once you have a clean system it will be transmitting / receiving good data anyway, as part of the built in standards that are incorporated into the transport portocols already

    odd question when you start to look at it in a mind games way :?
    55 - I'm fiftyfeckinfive and STILL no wiser,
    OLDER yes
    Beware of Geeks bearing GIF's
    come and waste the day :P at The Taz Zone

  4. #4
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hi Foxy~ I hope that you and yours are well,

    This is a strange question indeed?

    If I am using a proxy to monitor the integrity of the message then the proxy must be clean?...................so the second half of the transmission must be clean also? assuming that the proxy has cleaned it?

    But why?.................I guess I know why I didn't get that job at GCHQ
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

Similar Threads

  1. Connection to HTTPS server Timed-Out
    By Natasha69 in forum AntiOnline's General Chit Chat
    Replies: 2
    Last Post: December 22nd, 2002, 04:28 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides